US6324627B1 - Virtual data storage (VDS) system - Google Patents

Virtual data storage (VDS) system Download PDF

Info

Publication number
US6324627B1
US6324627B1 US09/323,802 US32380299A US6324627B1 US 6324627 B1 US6324627 B1 US 6324627B1 US 32380299 A US32380299 A US 32380299A US 6324627 B1 US6324627 B1 US 6324627B1
Authority
US
United States
Prior art keywords
data storage
computer system
virtual data
virtual
controller
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
US09/323,802
Inventor
David Nathan Kricheff
Colin Constable
Charles Thomas Gambetta
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
JAMBETTA MUSIC Inc
Original Assignee
Virtual Data Security LLC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Virtual Data Security LLC filed Critical Virtual Data Security LLC
Priority to US09/323,802 priority Critical patent/US6324627B1/en
Assigned to VIRTUAL DATA SECURITY, LLC reassignment VIRTUAL DATA SECURITY, LLC ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: CONSTABLE, COLIN, KRICHEFF, DAVID NATHAN, GAMBETTA, CHARLES THOMAS
Priority to US09/994,584 priority patent/US6792519B2/en
Application granted granted Critical
Publication of US6324627B1 publication Critical patent/US6324627B1/en
Priority to US10/005,172 priority patent/US20020095557A1/en
Assigned to JAMBETTA MUSIC INC reassignment JAMBETTA MUSIC INC ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: VIRTUAL DATA SECURITY LLC
Anticipated expiration legal-status Critical
Expired - Fee Related legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/02Addressing or allocation; Relocation
    • G06F12/08Addressing or allocation; Relocation in hierarchically structured memory systems, e.g. virtual memory systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601Interfaces specially adapted for storage systems
    • G06F3/0628Interfaces specially adapted for storage systems making use of a particular technique
    • G06F3/0662Virtualisation aspects
    • G06F3/0664Virtualisation aspects at device level, e.g. emulation of a storage device or system
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/80Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in storage media based on magnetic or optical technology, e.g. disks with sectors
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601Interfaces specially adapted for storage systems
    • G06F3/0602Interfaces specially adapted for storage systems specifically adapted to achieve a particular effect
    • G06F3/0614Improving the reliability of storage systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601Interfaces specially adapted for storage systems
    • G06F3/0602Interfaces specially adapted for storage systems specifically adapted to achieve a particular effect
    • G06F3/0614Improving the reliability of storage systems
    • G06F3/0619Improving the reliability of storage systems in relation to data integrity, e.g. data losses, bit errors
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601Interfaces specially adapted for storage systems
    • G06F3/0628Interfaces specially adapted for storage systems making use of a particular technique
    • G06F3/0629Configuration or reconfiguration of storage systems
    • G06F3/0637Permissions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601Interfaces specially adapted for storage systems
    • G06F3/0668Interfaces specially adapted for storage systems adopting a particular infrastructure
    • G06F3/0671In-line storage system
    • G06F3/0673Single storage device
    • G06F3/0674Disk device
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601Interfaces specially adapted for storage systems
    • G06F3/0668Interfaces specially adapted for storage systems adopting a particular infrastructure
    • G06F3/0671In-line storage system
    • G06F3/0673Single storage device
    • G06F3/0674Disk device
    • G06F3/0676Magnetic disk device

Definitions

  • VDS Virtual Data Storage
  • the present invention relates to computer system data storage. More particularly, this invention relates to a virtual data storage system that can be configured to provide multiple virtual data storage devices for a single physical data storage device, and to selectively isolate at least one virtual data storage device from the computer system.
  • a typical computer system generally includes one or more memory subsystems which are connected to one or more central processing units (“CPUs”) either directly or through a control unit and a communications channel.
  • CPUs central processing units
  • the function of these memory subsystems is to store data and programs which the CPU(s) use in performing particular data processing tasks.
  • Modern computer systems also include systems in which a relatively large computer system is formed by networking together multiple smaller computer systems.
  • RAM random access memory
  • DRAM dynamic random access memory
  • ROM read-only memory
  • nonvolatile memory nonvolatile memory
  • a typical large-capacity storage device subsystem may include one or more disk drives, tape drives and/or CD-ROMs connected to the computer system through appropriate control units.
  • Such a failure could for example be caused by a computer virus, an illegal program instruction or the failure of all or part of a disk drive's storage medium. Such failures typically cause the entire computer system to cease functioning (i.e., “crash”), and also compromise the security of all of the data stored within the computer system. These types of failures could for example destroy all stored data, the computer's operating system and/or the operating system's ability to initialize and restart (i.e., “boot”) the computer. Such data failures can take any number of forms, from the slow subtle destruction of sensitive data to the instantaneous destruction of all data and software necessary to run or restart the computer system.
  • Computer system memory subsystems such as disk drives typically operate by communicating with the computer system's CPU(s) either directly or indirectly through an appropriate control unit.
  • Operating disk drives in this conventional fashion normally exposes the entire contents of the disk drive storage device to spurious commands and electronic signals for the entire time the computer system is operating. As a result, during this time all of the data stored in the disk drive is exposed to destruction or corruption.
  • U.S. Pat. Nos. 5,586,301 and 5,657,470 disclose personal computer hard disk protection systems which partition hard disk drives into multiple zones, each having restricted user and application program access.
  • U.S. Pat. No. 5,129,088 discloses a mechanism for dynamically reconfiguring such partitions based on the computer system's changing requirements.
  • U.S. Pat. No. 5,829,053 discloses a more efficient mechanism for managing the partitioning code data which is used to control such a partitioning scheme.
  • 5,519,844 discloses a RAID (Redundant Array of Inexpensive Disks) disk drive architecture for providing redundant disk drive copies of data so that, in the event that one copy is irreparably corrupted or destroyed, another undamaged copy of the data nevertheless can be retrieved. None of these protection systems, however, prevents a computer system and its operating system from accessing or communicating with certain portions of a disk drive system in the event that program data is corrupted, such as in the event of infiltration by a computer virus for example. In the event of such an infiltration, all data stored in the disk drive system could be corrupted or destroyed.
  • RAID Redundant Array of Inexpensive Disks
  • a need has arisen for a system which will protect certain desired portions of data stored in a computer memory subsystem from spurious commands and electronic signals while the computer system is operating, thereby protecting such stored data from possible undesired destruction or corruption.
  • the need has also arisen in particular for a system which provides such protection to a disk drive storage system, and which restricts the computer system to communicating with only those portions of data necessary for operation of the computer system by the current user or users.
  • VDS Virtual Data Storage
  • the VDS System of the present invention provides multiple virtual data storage devices for use in a computer system which contains a central processing unit (“CPU”).
  • the VDS System includes a memory system for storing information and a VDS Controller which is in communication with the memory system and the CPU.
  • the VDS Controller partitions the memory system into multiple virtual data storage devices, and then restricts the computer system from communicating with certain of these virtual data storage devices.
  • the VDS Controller thus selectively isolates at least one of the virtual data storage devices from communicating with the computer system, in order to prevent corruption of information stored in at least one virtual data storage device.
  • the VDS controller provides multiple virtual data storage devices for use in a computer system which contains multiple smaller computer systems and/or computer system components and/or multiple CPUs.
  • the VDS controller can be configured to select the quantity and size of the multiple virtual data storage devices, as well as the virtual data storage devices which are selectively isolated from communication with the computer system.
  • the computer system engages in an initialization boot sequence followed by a period of normal operation.
  • the VDS Controller is configured during the computer system's initialization boot sequence, and the VDS Controller selectively isolates the selected virtual data storage devices from communication with the computer system during the computer system's period of normal operation.
  • the computer system has multiple users, one or more of which configures the VDS Controller.
  • the virtual data storage devices which are selectively isolated from communication with the computer system are determined according to the user(s) operating the computer system during the computer system's period of normal operation.
  • the computer system engages in the initialization boot sequence when electrical power is applied to the computer system or when the computer system is reset.
  • the VDS Controller is configured using a stored initialization and configuration routine and stored configuration data, which the computer system can access only during the initialization boot sequence.
  • the initialization and configuration routine and the configuration data are stored in the computer system's memory system.
  • the computer system used in connection with the invention is a personal computer (“PC”) system
  • the initialization boot sequence is a BIOS sequence.
  • the BIOS sequence invokes the stored initialization and configuration routine for configuring the VDS controller.
  • the memory system is a disk drive storage system and the virtual data storage devices are virtual disk drives.
  • the disk drive storage system includes multiple disk drive storage units.
  • the VDS Controller is configured so that only one virtual data storage device can communicate with the computer system. In still another preferred embodiment, the VDS Controller is configured so that more than one virtual data storage device can communicate with the computer system.
  • the present invention also provides a method for providing multiple virtual data storage devices for use in a computer system which has a memory system for storing information.
  • This method includes partitioning the memory system into multiple virtual data storage devices, and then restricting communication by the computer system to communication with only certain of the virtual data storage devices.
  • the method of the invention thus selectively isolates at least one virtual data storage device from communication with the computer system, in order to prevent corruption of information stored in at least one virtual data storage device.
  • FIG. 1 is a block diagram of a prior art computer system.
  • FIG. 2 is an exemplary block diagram of one embodiment of the Virtual Data Storage System of the present invention.
  • FIG. 3 is an exemplary block diagram of another embodiment of the Virtual Data Storage System of the present invention.
  • FIG. 4 is an exemplary block diagram depicting a physical disk drive and multiple virtual disk drives in an embodiment of the Virtual Data Storage System of the present invention.
  • FIG. 5 is an exemplary block diagram depicting a physical disk drive and multiple virtual disk drives in another embodiment of the Virtual Data Storage System of the present invention.
  • FIG. 6 is an exemplary process flow diagram depicting a virtual disk drive initialization and configuration routine of the Virtual Data Storage System of the present invention.
  • the present invention can be applied to any type of memory subsystem used in computer systems.
  • the present invention is utilized in connection with a large-capacity memory storage subsystem, in particular a disk drive memory subsystem.
  • FIG. 1 depicts a prior art computer system employing a conventional disk drive system.
  • the computer system includes a single CPU 2 connected to a disk drive system via data bus 4 .
  • the disk drive system includes Disk Drive 6 connected to Disk Drive Controller 8 via Disk Drive Interface Bus 10 .
  • Also typically included in a prior art computer system but not shown in FIG. 1 would be a main memory subsystem and I/O (input/output) devices.
  • Disk Drive Controller 8 In a prior art computer system such as that depicted in FIG. 1, it is possible for CPU 2 to access the entire contents of Disk Drive 6 through Disk Drive Controller 8 . That is to say, the entire contents of Disk Drive 6 is “presented” to CPU 2 by Disk Drive Controller 8 .
  • CPU 2 and the computer system directly control where on physical Disk Drive 6 data is stored and from where it is retrieved.
  • all of the data stored in Disk Drive 6 could be corrupted or destroyed at any time while the computer system is operating.
  • FIG. 2 depicts an embodiment of the present invention wherein Virtual Data Storage (“VDS”) Controller 12 is substituted for Disk Drive Controller 8 and serves as the interface between CPU 2 and Disk Drive 6 .
  • VDS Controller 12 maps Disk Drive 6 into multiple virtual disk drives, as will be described in additional detail below.
  • VDS Controller 12 presents for access by CPU 2 and the computer system only certain of these virtual disk drives. That is to say, for every attempt by CPU 2 or the computer system to access physical Disk Drive 6 , VDS Controller 12 maps the access request into a corresponding request to an active virtual disk drive which has been configured by VDS Controller 12 .
  • the VDS Controller 12 rather than CPU 2 , Disk Drive Controller 8 or the computer system, controls where on physical Disk Drive 6 data is stored and from where it is retrieved.
  • VDS Controller 12 thus controls which portion or portions of the total storage space of Disk Drive 6 is accessible by (i.e., is presented to) CPU 2 and the computer system. Specifically, VDS Controller 12 restricts communication access by CPU 2 and the computer system to portions of Disk Drive 6 necessary for operation of the computer system by the current user or users. Thus, in the case of an event such as infiltration by a computer virus in the present invention, the only portions of Disk Drive 6 which are susceptible to possible data corruption or destruction are those portions corresponding to the virtual disk drive(s) presented by VDS Controller 12 to CPU 2 and the computer system. The remaining portions of Disk Drive 6 cannot be accessed by CPU 2 or the computer system, and the data contained therein therefore cannot be corrupted or destroyed.
  • the virtual disk drive configuration provided by VDS Controller 12 is not accessible by CPU 2 or the computer system, or any operating system program or application program being run by the computer system, during the computer system's normal operation. Rather, as discussed in additional detail below, the virtual disk drive configuration provided by VDS Controller 12 is accessible by CPU 2 and the computer system only during the computer system's initialization (i.e., boot) and configuration sequence. This access to VDS Controller 12 for purposes of configuration is accomplished using Data Bus 4 or another parallel or serial data connection (not shown) to VDS Controller 12 . Alternatively, the virtual disk drive configuration provided by VDS Controller 12 could also be configured based on the position of hard-wired switches configured by the user or users.
  • FIG. 3 depicts another embodiment of the present invention.
  • the embodiment depicted in FIG. 3 is similar to that depicted in FIG. 2, except that Disk Drive Controller 8 serves as the interface between CPU 2 and VDS Controller 12 , and Disk Drive Controller 8 communicates with VDS Controller 12 via VDS Bus 14 .
  • Disk Drive Controller 8 serves as the interface between CPU 2 and VDS Controller 12
  • Disk Drive Controller 8 communicates with VDS Controller 12 via VDS Bus 14 .
  • VDS Controller 12 and Disk Drive 6 could be integrated into a single unit.
  • VDS Controller 12 and Disk Drive Controller 8 could also be integrated into a single unit, either together with or separate from Disk Drive 6 .
  • the present invention can be implemented in any type of memory subsystem in any type of computer system, the present invention is particularly well suited for use in disk drive subsystems, and more particularly for use in personal computer (“PC”) disk drive subsystems.
  • the present invention can operate with any type of industry-standard bus interface such as the IDE (Intelligent/Integrated Drive Electronics) Interface, SCSI (Small Computer System Interface) or PCI (Peripheral Component Interconnect) Bus, for example.
  • the VDS Controller 12 could for example be a PCI card for installation in a standard PC.
  • VDS Controller 12 could for example be provided during the computer system's initialization (i.e., boot) sequence by the PC system's BIOS (Basic Input/Output System) routine communicating with the VDS Controller 12 via a serial or parallel data bus.
  • This serial or parallel data bus could for example be Data Bus 4 as depicted in FIG. 2, VDS Bus 14 as depicted in FIG. 3, or another parallel or serial data connection (not shown in FIGS. 2 and 3) to VDS Controller 12 , such as an RS-232 or V24 serial connection for example.
  • FIGS. 2-3 include only a single Disk Drive 6
  • other preferred embodiments include more than one Disk Drive 6 .
  • Such multiple disk drives can be configured for example in any of the numerous arrangements well known in the art. Such arrangements include for example configurations to provide redundancy, such as is provided by well-known RAID systems for example, and configurations to provide disk drive systems having very large amounts of storage.
  • VDS Controller 12 maps each individual Disk Drive 6 into multiple virtual disk drives or, alternatively, maps the aggregate of the multiple Disk Drive 6 s into multiple virtual disk drives.
  • VDS Controller 12 can be configured either to provide each CPU 2 with the same communication access to the virtual disk drives or, alternatively, can be configured to provide each CPU 2 with different communication access to the virtual disk drives.
  • FIGS. 2-3 include only a single computer system
  • other preferred embodiments include computer systems which are formed by networking together multiple smaller computer systems and/or computer system components.
  • Such multiple smaller computer systems and/or components can be communicatively connected together for example in any of the numerous arrangements well known in the art, such as by any combination of a Local Area Network (“LAN”), Wide Area Network (“WAN”), encrypted secure Virtual Private Network (“VPN”), or other private secure network connection, for example.
  • LAN Local Area Network
  • WAN Wide Area Network
  • VPN Virtual Private Network
  • VDS Controller 12 is communicatively connected to the network connecting together the multiple smaller computer systems and/or components in order to provide each of them access to the virtual disk drives.
  • VDS Controller 12 can be configured either to provide each of the smaller computer systems and/or components with the same communication access to the virtual disk drives or, alternatively, can be configured to provide each of the smaller computer systems and/or components with different communication access to the virtual disk drives.
  • the present invention enables a PC or other computer system which is periodically used by different users to provide each user with their own virtual disk drive which can be accessed only when that user is operating the computer system.
  • This arrangement allows each user to operate the computer system using exclusively their own personal virtual disk drive.
  • any corruption or destruction of data which occurs while that user is operating the computer system can occur only to data or programs stored in the portion of physical Disk Drive 6 corresponding to that user's virtual disk drive.
  • No corruption or destruction can occur to data or programs stored in any other portions of physical Disk Drive 6 .
  • This arrangement of the present invention permits, for example, different family members sharing a home PC to each operate the PC using their own files, operating system and application programs, without any risk of destroying or corrupting the files, data or programs belonging to other family members.
  • the present invention also permits a single computer system to run multiple different operating systems depending on which virtual disk drive is active at a particular time. Similarly, a single computer user can also maintain multiple virtual disk drives if, for example, that user wishes to run different operating systems at different times of operation.
  • a single computer user can also maintain multiple virtual disk drives for use with different application programs and computer functions. For example, a user can use a particular virtual disk drive when connected to the Internet.
  • the only data and programs at risk of being corrupted are those which are stored on the portion of physical Disk Drive 6 corresponding to the virtual disk drive which is active at the time.
  • Disk Drive 6 depicted in FIGS. 2 and 3 are typically mapped into multiple blocks. Access to the disk drive is accomplished by specifying the block number or numbers being accessed. Such accessing schemes are well known in the prior art, and are disclosed for example in U.S. Pat. No. 5,519,844, the entirety of which is incorporated herein by reference.
  • VDS Controller 12 generates the virtual disk drive configuration by first determining from Disk Drive(s) 6 the number of storage blocks contained therein. VDS Controller 12 then determines from user input the number of virtual disk drives to be configured, the number of blocks in each such virtual disk drive, and the virtual disk drive which is to be active. VDS Controller 12 then generates a map of the virtual disk drive blocks to the physical disk drive blocks located on physical Disk Drive 6 . Any data and required program instructions for implementing the virtual disk drive configuration are stored in a section of memory unable to be accessed or altered by CPU 2 or the computer system once the computer system has completed its initialization (i.e., boot) sequence and begins normal operation. In a preferred embodiment, this memory can be nonvolatile memory, such as nonvolatile RAM (“NVRAM”) for example.
  • NVRAM nonvolatile RAM
  • Table 1 below and FIG. 4 represent an example of a virtual disk drive configuration mapping scheme for a physical Disk Drive 6 containing 1000 blocks of storage space mapped into 3 virtual disk drives.
  • the 3 virtual disk drives, Virtual Disk Drive A 16 , Virtual Disk Drive B 18 and Virtual Disk Drive C 20 contain 300, 500 and 200 blocks of storage space, respectively.
  • VDS Controller 12 presents only that virtual disk drive to CPU 2 and the computer system. Accordingly, when Virtual Disk Drive A 16 is active, VDS Controller 12 presents to CPU 2 and the computer system only virtual block numbers 0 - 299 , which correspond to physical block numbers 0 - 299 of physical Disk Drive 6 . In this case, as can be seen in Table 1, VDS Controller 12 uses an offset of 0 blocks to map the virtual disk drive blocks to the physical disk drive blocks.
  • VDS Controller 12 presents only that virtual disk drive to CPU 2 and the computer system. In this case, as can be seen from Table 1, VDS Controller 12 presents to CPU 2 and the computer system only virtual block numbers 0 - 499 , which correspond to physical block numbers 300 - 799 of physical Disk Drive 6 . When Virtual Disk Drive B 18 is active, VDS Controller 12 uses an offset of 300 blocks to map the virtal disk drive blocks to the physical disk drive blocks.
  • VDS Controller 12 presents only that virtual disk drive to CPU 2 and the computer system. In this case, VDS Controller 12 presents to CPU 2 and the computer system only virtual block numbers 0 - 199 , which correspond to physical block numbers 800 - 999 of physical Disk Drive 6 . In this case, as can be seen in Table 1, VDS Controller 12 uses an offset of 800 blocks to map the virtual disk drive blocks to the physical disk drive blocks.
  • Table 2 and FIG. 5 depict a preferred embodiment of the virtual disk drive configuration similar to that depicted in Table 1 and FIG. 4 .
  • the data and any required program instructions for implementing the virtual disk drive configuration are stored on Disk Drive 6 , rather than in some other area of memory.
  • the virtual disk drive configuration depicted in Table 2 and FIG. 5 is the same as that depicted in Table 1 and FIG. 4, except that 1 block of physical disk space (physical block number 999 ), namely Virtual Disk Drive Configuration Storage Block 22 , is used to store the data and any required program instructions for implementing the virtual disk drive configuration provided by VDS Controller 12 .
  • Virtual Disk Drive C 20 is 1 block smaller and therefore comprises virtual block numbers 1 - 198 , which correspond to physical block numbers 800 - 998 of physical Disk Drive 6 .
  • VDS Controller 12 uses an offset of 999 blocks to map the Virtual Disk Drive Configuration Storage Block 22 to the physical disk drive block number 999 .
  • the Virtual Disk Drive Configuration Storage Block 22 is not accessible by CPU 2 or the computer system once the computer system has completed its initialization (i.e., boot) sequence. Thus as shown in Table 2, during normal computer operation the Virtual Disk Drive Configuration Storage Block 22 is not accessible by, and therefore is not presented by VDS Controller 12 to, the CPU 2 or the computer system.
  • the Virtual Disk Drive Configuration Storage Block 22 comprises only one block of storage space in the example depicted in Table 2 and FIG. 5, this Configuration Block can be of any size.
  • VDS Controller 12 communicates with the computer system in the same way as does Disk Drive Controller 8 in prior art computer systems, such as that depicted in FIG. 1 .
  • certain virtual disk drives may be designated to be shared by more than one user.
  • virtual disk drive configurations such as those depicted in Tables 1-2 and FIGS. 4-5 can activate more than one virtual disk drive at the same time. Such an arrangement might be desirable if for example the user or users share certain virtual disk drives, and/or wish to access data or application programs stored in more than one virtual disk drive to which they are entitled access.
  • FIG. 6 depicts an exemplary process flow for the initialization and configuration of the present invention, beginning with Block 24 .
  • the process depicted in FIG. 6 is performed by VDS Controller 12 when the computer system is either powered up or reset as part of the computer system's initialization (i.e., boot) sequence.
  • VDS Controller 12 can optionally perform a self-test routine.
  • VDS Controller 12 determines whether there is an existing virtual disk drive configuration, such at those depicted in Tables 1-2. As shown in Block 28 , if there is an existing configuration and no changes to the configuration are required by the user, then the VDS Controller 12 proceeds to determine which virtual disk drive should be made active, beginning with Block 30 . Otherwise, the VDS Controller 12 queries the user to determine whether a new virtual disk drive configuration is to be provided, beginning with Block 32 .
  • VDS Controller 12 displays for the user a representation of the configuration, as well as a means for selecting the desired virtual disk drive(s) which are to be active, as shown in Block 30 .
  • the user or users could for example make this selection in the form of a User I.D. input by way of a computer keyboard or mouse. Alternatively, this selection could be made by way of a user-configured hardwired switch.
  • VDS Controller 12 determines which virtual disk drive(s) have been selected to be active by the user or users.
  • VDS Controller 12 typically will require a login password in order to activate the virtual disk drive(s) which have been selected by the user. This type of security precaution ensures that users cannot gain access to virtual disk drives which they are not authorized to use. If the user cannot provide the required login password, VDS Controller 12 once again attempts to determine from the user which virtual disk drive should be made active, as shown in Block 30 . If on the other hand the user provides the required login password, VDS Controller 12 then proceeds to activate the virtual disk drive(s) selected by the user, in accordance with the existing virtual disk drive configuration provided by VDS Controller 12 , as shown in Block 40 .
  • VDS Controller 12 proceeds with a configuration routine, beginning with Block 32 , to determine and then generate a new virtual disk drive configuration, such as those depicted in Tables 1-2 and FIGS. 4-5. As shown in Blocks 32 , 42 and 44 , VDS Controller 12 typically will require a login password before a user is permitted to generate a new virtual disk drive configuration. This security precaution ensures that users cannot gain access to virtual disk drives which they are not authorized to use, and that unauthorized users cannot generate a new virtual disk drive configuration.
  • VDS Controller 12 first determines the type and size of the physical Disk Drive(s) 6 installed in the computer system, as shown in Block 46 . This can be accomplished for example by testing for any connected physical Disk Drive(s) 6 , and by then querying the disk information files to determine the size and type of each Disk Drive 6 . This can be accomplished for example by using Disk Drive Interface Bus 10 or, in a PC-based embodiment of the present invention, a SCSI bus interface to Disk Drive 6 , for example.
  • VDS Controller 12 then provides the user with a configuration menu which prompts the user to specify the quantity of virtual disk drives desired, and the size of each such virtual disk drive.
  • the user could for example input this information using a computer keyboard or mouse. Alternatively, this information could be provided by user-configured hardwired switches.
  • VDS Controller 12 continues to display the configuration menu until the user has provided sufficient input for VDS Controller 12 to determine the quantity and size of the virtual disk drives specified by the user.
  • VDS Controller 12 generates a virtual disk drive configuration and mapping scheme such as those depicted in Tables 1-2, for example. As also shown in Block 54 , VDS Controller 12 also stores this configuration and mapping scheme in the computer system's memory. Once this has been accomplished, and as discussed above, VDS Controller 12 then determines whether any changes are required to the existing configuration, as shown in Blocks 26 and 28 . If not, VDS Controller 12 then determines which virtual disk drive should be made active, beginning with Block 30 , and as described above.
  • VDS Controller 12 emulates a conventional disk drive subsystem of the same size as the active virtual disk drive. VDS Controller 12 operates in this manner until the computer system is either reset or powered up again.
  • CPU 2 and the computer system cannot access or alter either the process depicted in FIG. 6 or the stored configuration data for implementing the existing virtual disk drive configuration. As shown in Block 24 , CPU 2 and the computer system will not be able to access or alter this process and data unless the computer system is reset or powered up.
  • the virtual disk drive initialization and configuration routine depicted in FIG. 6 is stored in memory in the computer system.
  • the initialization (i.e., boot) sequence executes the routine of FIG. 6 to generate and implement the appropriate virtual disk drive configuration and mapping scheme.
  • the data necessary to implement this configuration and mapping scheme is likewise stored in the computer system's memory, preferably in the same area of memory as the routine of FIG. 6 is stored.
  • the routine depicted in FIG. 6 is complete and the virtual disk drive configuration has been established and implemented, the routine relinquishes control of the computer system to the operating system which resides on the virtual disk drive which has been activated. Once this occurs, the data and program instructions for implementing the virtual disk drive configuration are no longer accessible by CPU 2 or the computer system. Accordingly, these data and program instructions cannot be corrupted or destroyed, even in the case of an event such as infiltration by a computer virus.
  • VDS Controller 12 includes a one-time-writeable register which can be written to only once after the computer system is reset or powered up, and thereafter cannot be written to again unless the computer system is again reset or powered up.
  • a one-time-writeable register which can be written to only once after the computer system is reset or powered up, and thereafter cannot be written to again unless the computer system is again reset or powered up.
  • certain data necessary to implement the virtual disk drive configuration and mapping scheme are written or copied from the computer system's memory into this one-time-writeable register. After this has occurred, the data stored in this register cannot be altered or overwritten, unless the computer system is again reset or powered up, and the routine depicted in FIG. 6 is thus initiated.
  • These stored data could represent, for example, certain of the binary bits used to address Disk Drive 6 . With certain of these addressing bits determined solely in accordance with the contents of the one-time-writeable register, certain portions of Disk Drive 6 necessarily would not be accessible by CPU 2 or the computer system.
  • the one-time-writeable register for example has data inputs for receiving the above-mentioned certain data necessary to implement the virtual disk drive configuration and mapping scheme, and outputs representing for example certain of the binary bits used to address Disk Drive 6 .
  • the register also for example has an input connected to the computer system's hardware reset signal, and a write-enable input which is for example activated by the routine depicted in FIG. 6 in order to write the necessary data into the one-time-writeable register. Irrespective of the state of this write-enable input however, the register can be written to only one time following activation of the computer system's hardware reset, which occurs only in the event the computer system is reset or powered up.
  • the one-time-writeable register is implemented using for example a conventional latch or flip-flop in combination with logic gates, arranged to permit the output of the latch or flip-flop to change only in the event a hardware reset has occurred.
  • the computer system is a PC system and the routine depicted in FIG. 6 and the data for implementing the virtual disk drive configuration are stored on Disk Drive 6 in the Virtual Disk Drive Configuration Storage Block 22 depicted in Table 2 and FIG. 5 .
  • the PC BIOS initialization (i.e., boot) sequence directs the instruction counter of CPU 2 to begin executing the program instructions contained in the routine of FIG. 6 . This could be accomplished for example by altering the BIOS sequence so that CPU 2 begins executing instructions at the memory location where the FIG. 6 routine is stored.
  • the BIOS sequence need not be altered.
  • the routine of FIG. 6 is stored on Disk Drive 6 beginning at the same memory location where the BIOS sequence of a prior art PC system would normally direct the instruction counter of CPU 2 to begin executing the program instructions which constitute the operating system.
  • the BIOS sequence instead directs CPU 2 to begin executing the virtual disk drive initialization and configuration routine depicted in FIG. 6 .
  • this routine Once this routine has completed executing, it in turn directs CPU 2 to begin executing the operating system resident on the virtual disk drive which the routine has activated. The computer system then begins its normal operation.

Abstract

A Virtual Disk Storage (VDS) System for providing multiple virtual data storage devices for use in a computer system which contains a central processing unit (CPU). The VDS System includes a memory system for storing information and a VDS Controller which is in communication with the memory system and the CPU. The VDS Controller partitions the memory system into multiple virtual data storage devices, and then restricts the computer system from communicating with certain of these virtual data storage devices. The VDS Controller thus selectively isolates at least one of the virtual data storage devices from communicating with the computer system, in order to prevent corruption of information stored in at least one virtual data storage device.

Description

This application is a continuation-in-part of U.S. patent application entitled “Virtual Data Storage (VDS),” Ser. No. 09/102,520, which was filed on Jun. 22, 1998, now abandoned.
FIELD OF THE INVENTION
The present invention relates to computer system data storage. More particularly, this invention relates to a virtual data storage system that can be configured to provide multiple virtual data storage devices for a single physical data storage device, and to selectively isolate at least one virtual data storage device from the computer system.
BACKGROUND OF THE INVENTION
A typical computer system generally includes one or more memory subsystems which are connected to one or more central processing units (“CPUs”) either directly or through a control unit and a communications channel. The function of these memory subsystems is to store data and programs which the CPU(s) use in performing particular data processing tasks. Modern computer systems also include systems in which a relatively large computer system is formed by networking together multiple smaller computer systems.
Many types of memory subsystems are used in a variety of combinations in current computer systems. These include random access memory (“RAM”), dynamic random access memory (“DRAM”), read-only memory (“ROM”), nonvolatile memory and large-capacity storage devices for storing large quantities of data. A typical large-capacity storage device subsystem may include one or more disk drives, tape drives and/or CD-ROMs connected to the computer system through appropriate control units. A serious problem arises, however, if a memory subsystem fails or is caused to fail such that data stored therein is destroyed, corrupted and/or no longer available to the system.
Such a failure could for example be caused by a computer virus, an illegal program instruction or the failure of all or part of a disk drive's storage medium. Such failures typically cause the entire computer system to cease functioning (i.e., “crash”), and also compromise the security of all of the data stored within the computer system. These types of failures could for example destroy all stored data, the computer's operating system and/or the operating system's ability to initialize and restart (i.e., “boot”) the computer. Such data failures can take any number of forms, from the slow subtle destruction of sensitive data to the instantaneous destruction of all data and software necessary to run or restart the computer system.
Computer system memory subsystems such as disk drives typically operate by communicating with the computer system's CPU(s) either directly or indirectly through an appropriate control unit. Operating disk drives in this conventional fashion normally exposes the entire contents of the disk drive storage device to spurious commands and electronic signals for the entire time the computer system is operating. As a result, during this time all of the data stored in the disk drive is exposed to destruction or corruption.
Although attempts have been made in the prior art to protect memory subsystems from unwanted corruption or destruction, none of these solutions has succeeded in providing the level of protection necessary to eliminate such risks in the case of events such as infiltration by a computer virus. In the case of disk drive storage systems in particular, none of the prior art solutions provide sufficient protection against corruption of data stored therein. This is because prior art systems do not sufficiently restrict the computer system's access to only portions of the disk drive containing data necessary for operation of the computer system by the current user or users.
For example, U.S. Pat. Nos. 5,586,301 and 5,657,470 disclose personal computer hard disk protection systems which partition hard disk drives into multiple zones, each having restricted user and application program access. U.S. Pat. No. 5,129,088 discloses a mechanism for dynamically reconfiguring such partitions based on the computer system's changing requirements. U.S. Pat. No. 5,829,053 discloses a more efficient mechanism for managing the partitioning code data which is used to control such a partitioning scheme. In addition, U.S. Pat. No. 5,519,844 discloses a RAID (Redundant Array of Inexpensive Disks) disk drive architecture for providing redundant disk drive copies of data so that, in the event that one copy is irreparably corrupted or destroyed, another undamaged copy of the data nevertheless can be retrieved. None of these protection systems, however, prevents a computer system and its operating system from accessing or communicating with certain portions of a disk drive system in the event that program data is corrupted, such as in the event of infiltration by a computer virus for example. In the event of such an infiltration, all data stored in the disk drive system could be corrupted or destroyed.
Therefore, a need has arisen for a system which will protect certain desired portions of data stored in a computer memory subsystem from spurious commands and electronic signals while the computer system is operating, thereby protecting such stored data from possible undesired destruction or corruption. The need has also arisen in particular for a system which provides such protection to a disk drive storage system, and which restricts the computer system to communicating with only those portions of data necessary for operation of the computer system by the current user or users.
SUMMARY OF THE INVENTION
It is an object of the present invention to provide a Virtual Data Storage (“VDS”) System for computer memory systems which substantially eliminates or reduces the disadvantages and problems associated with the corruption and destruction of data in prior computer memory systems.
The VDS System of the present invention provides multiple virtual data storage devices for use in a computer system which contains a central processing unit (“CPU”). The VDS System includes a memory system for storing information and a VDS Controller which is in communication with the memory system and the CPU. The VDS Controller partitions the memory system into multiple virtual data storage devices, and then restricts the computer system from communicating with certain of these virtual data storage devices. The VDS Controller thus selectively isolates at least one of the virtual data storage devices from communicating with the computer system, in order to prevent corruption of information stored in at least one virtual data storage device.
In a preferred embodiment of the invention, the VDS controller provides multiple virtual data storage devices for use in a computer system which contains multiple smaller computer systems and/or computer system components and/or multiple CPUs.
In another aspect of the invention, the VDS controller can be configured to select the quantity and size of the multiple virtual data storage devices, as well as the virtual data storage devices which are selectively isolated from communication with the computer system. In a preferred embodiment, the computer system engages in an initialization boot sequence followed by a period of normal operation. In this embodiment, the VDS Controller is configured during the computer system's initialization boot sequence, and the VDS Controller selectively isolates the selected virtual data storage devices from communication with the computer system during the computer system's period of normal operation. In yet another preferred embodiment, the computer system has multiple users, one or more of which configures the VDS Controller. In another preferred embodiment, the virtual data storage devices which are selectively isolated from communication with the computer system are determined according to the user(s) operating the computer system during the computer system's period of normal operation. In yet another preferred embodiment, the computer system engages in the initialization boot sequence when electrical power is applied to the computer system or when the computer system is reset.
In yet another aspect of the invention, the VDS Controller is configured using a stored initialization and configuration routine and stored configuration data, which the computer system can access only during the initialization boot sequence. In a preferred embodiment, the initialization and configuration routine and the configuration data are stored in the computer system's memory system.
In another aspect of the invention, the computer system used in connection with the invention is a personal computer (“PC”) system, and the initialization boot sequence is a BIOS sequence. In yet another aspect of the invention, the BIOS sequence invokes the stored initialization and configuration routine for configuring the VDS controller.
In a preferred embodiment, the memory system is a disk drive storage system and the virtual data storage devices are virtual disk drives. In yet another preferred embodiment, the disk drive storage system includes multiple disk drive storage units. In yet another preferred embodiment, the VDS Controller is configured so that only one virtual data storage device can communicate with the computer system. In still another preferred embodiment, the VDS Controller is configured so that more than one virtual data storage device can communicate with the computer system.
The present invention also provides a method for providing multiple virtual data storage devices for use in a computer system which has a memory system for storing information. This method includes partitioning the memory system into multiple virtual data storage devices, and then restricting communication by the computer system to communication with only certain of the virtual data storage devices. The method of the invention thus selectively isolates at least one virtual data storage device from communication with the computer system, in order to prevent corruption of information stored in at least one virtual data storage device.
The details of the preferred embodiment of the present invention are set forth in the accompanying drawings and the description below. Once the details of the invention are known, numerous additional innovations and changes will become obvious to one skilled in the art.
BRIEF DESCRIPTION OF THE DRAWING
Further objects, features and advantages of the invention will become apparent from the following detailed description taken in conjunction with the accompanying figures showing illustrative embodiments of the invention, in which
FIG. 1 is a block diagram of a prior art computer system.
FIG. 2 is an exemplary block diagram of one embodiment of the Virtual Data Storage System of the present invention.
FIG. 3 is an exemplary block diagram of another embodiment of the Virtual Data Storage System of the present invention.
FIG. 4 is an exemplary block diagram depicting a physical disk drive and multiple virtual disk drives in an embodiment of the Virtual Data Storage System of the present invention.
FIG. 5 is an exemplary block diagram depicting a physical disk drive and multiple virtual disk drives in another embodiment of the Virtual Data Storage System of the present invention.
FIG. 6 is an exemplary process flow diagram depicting a virtual disk drive initialization and configuration routine of the Virtual Data Storage System of the present invention.
Throughout the figures, the same reference numerals and characters, unless otherwise stated, are used to denote like features, elements, components or portions of the illustrated embodiments. Moreover, while the subject invention will now be described in detail with reference to the figures, it is done so in connection with the illustrative embodiments. It is intended that changes and modifications can be made to the described embodiments without departing from the true scope and spirit of the subject invention as defined by the appended claims.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS
The present invention can be applied to any type of memory subsystem used in computer systems. In a preferred embodiment, the present invention is utilized in connection with a large-capacity memory storage subsystem, in particular a disk drive memory subsystem.
FIG. 1 depicts a prior art computer system employing a conventional disk drive system. The computer system includes a single CPU 2 connected to a disk drive system via data bus 4. The disk drive system includes Disk Drive 6 connected to Disk Drive Controller 8 via Disk Drive Interface Bus 10. Also typically included in a prior art computer system but not shown in FIG. 1 would be a main memory subsystem and I/O (input/output) devices.
In a prior art computer system such as that depicted in FIG. 1, it is possible for CPU 2 to access the entire contents of Disk Drive 6 through Disk Drive Controller 8. That is to say, the entire contents of Disk Drive 6 is “presented” to CPU 2 by Disk Drive Controller 8. Thus in the prior art system depicted in FIG. 1, CPU 2 and the computer system directly control where on physical Disk Drive 6 data is stored and from where it is retrieved. As a result, in the event of an occurrence such as infiltration by a computer virus, all of the data stored in Disk Drive 6 could be corrupted or destroyed at any time while the computer system is operating.
FIG. 2 depicts an embodiment of the present invention wherein Virtual Data Storage (“VDS”) Controller 12 is substituted for Disk Drive Controller 8 and serves as the interface between CPU 2 and Disk Drive 6. VDS Controller 12 maps Disk Drive 6 into multiple virtual disk drives, as will be described in additional detail below. At any given time the computer system is operating, VDS Controller 12 presents for access by CPU 2 and the computer system only certain of these virtual disk drives. That is to say, for every attempt by CPU 2 or the computer system to access physical Disk Drive 6, VDS Controller 12 maps the access request into a corresponding request to an active virtual disk drive which has been configured by VDS Controller 12. Thus in the present invention, the VDS Controller 12, rather than CPU 2, Disk Drive Controller 8 or the computer system, controls where on physical Disk Drive 6 data is stored and from where it is retrieved.
VDS Controller 12 thus controls which portion or portions of the total storage space of Disk Drive 6 is accessible by (i.e., is presented to) CPU 2 and the computer system. Specifically, VDS Controller 12 restricts communication access by CPU 2 and the computer system to portions of Disk Drive 6 necessary for operation of the computer system by the current user or users. Thus, in the case of an event such as infiltration by a computer virus in the present invention, the only portions of Disk Drive 6 which are susceptible to possible data corruption or destruction are those portions corresponding to the virtual disk drive(s) presented by VDS Controller 12 to CPU 2 and the computer system. The remaining portions of Disk Drive 6 cannot be accessed by CPU 2 or the computer system, and the data contained therein therefore cannot be corrupted or destroyed.
In order to provide this level of protection to Disk Drive 6 even in the event of an occurrence such as a computer virus, the virtual disk drive configuration provided by VDS Controller 12 is not accessible by CPU 2 or the computer system, or any operating system program or application program being run by the computer system, during the computer system's normal operation. Rather, as discussed in additional detail below, the virtual disk drive configuration provided by VDS Controller 12 is accessible by CPU 2 and the computer system only during the computer system's initialization (i.e., boot) and configuration sequence. This access to VDS Controller 12 for purposes of configuration is accomplished using Data Bus 4 or another parallel or serial data connection (not shown) to VDS Controller 12. Alternatively, the virtual disk drive configuration provided by VDS Controller 12 could also be configured based on the position of hard-wired switches configured by the user or users.
FIG. 3 depicts another embodiment of the present invention. The embodiment depicted in FIG. 3 is similar to that depicted in FIG. 2, except that Disk Drive Controller 8 serves as the interface between CPU 2 and VDS Controller 12, and Disk Drive Controller 8 communicates with VDS Controller 12 via VDS Bus 14. Such an embodiment would be particularly appropriate where it is necessary to interface the VDS system of the present invention to a conventional disk drive control system. Of course, in the present invention as depicted in either of FIGS. 2 or 3, VDS Controller 12 and Disk Drive 6 could be integrated into a single unit. Similarly, in the present invention as depicted in FIG. 3, VDS Controller 12 and Disk Drive Controller 8 could also be integrated into a single unit, either together with or separate from Disk Drive 6.
Although the present invention can be implemented in any type of memory subsystem in any type of computer system, the present invention is particularly well suited for use in disk drive subsystems, and more particularly for use in personal computer (“PC”) disk drive subsystems. In addition, the present invention can operate with any type of industry-standard bus interface such as the IDE (Intelligent/Integrated Drive Electronics) Interface, SCSI (Small Computer System Interface) or PCI (Peripheral Component Interconnect) Bus, for example. The VDS Controller 12 could for example be a PCI card for installation in a standard PC. In a PC application of the present invention, the virtual disk drive configuration provided by VDS Controller 12 could for example be provided during the computer system's initialization (i.e., boot) sequence by the PC system's BIOS (Basic Input/Output System) routine communicating with the VDS Controller 12 via a serial or parallel data bus. This serial or parallel data bus could for example be Data Bus 4 as depicted in FIG. 2, VDS Bus 14 as depicted in FIG. 3, or another parallel or serial data connection (not shown in FIGS. 2 and 3) to VDS Controller 12, such as an RS-232 or V24 serial connection for example.
Although the embodiments of the present invention depicted in FIGS. 2-3 include only a single Disk Drive 6, other preferred embodiments include more than one Disk Drive 6. Such multiple disk drives can be configured for example in any of the numerous arrangements well known in the art. Such arrangements include for example configurations to provide redundancy, such as is provided by well-known RAID systems for example, and configurations to provide disk drive systems having very large amounts of storage. In the case of computer systems having multiple disk drives, VDS Controller 12 maps each individual Disk Drive 6 into multiple virtual disk drives or, alternatively, maps the aggregate of the multiple Disk Drive 6s into multiple virtual disk drives.
In addition, although the embodiments of the present invention depicted in FIGS. 2-3 include only a single CPU 2, other preferred embodiments include more than one CPU 2. Such multiple CPUs can be configured for example in any of the numerous arrangements well known in the art, such as in multiprocessor or distributed processor arrangements, for example. In the case of a computer system having multiple CPUs, VDS Controller 12 can be configured either to provide each CPU 2 with the same communication access to the virtual disk drives or, alternatively, can be configured to provide each CPU 2 with different communication access to the virtual disk drives.
Further, although the embodiments of the present invention depicted in FIGS. 2-3 include only a single computer system, other preferred embodiments include computer systems which are formed by networking together multiple smaller computer systems and/or computer system components. Such multiple smaller computer systems and/or components can be communicatively connected together for example in any of the numerous arrangements well known in the art, such as by any combination of a Local Area Network (“LAN”), Wide Area Network (“WAN”), encrypted secure Virtual Private Network (“VPN”), or other private secure network connection, for example. In the case of a computer system containing multiple smaller computer systems and/or components networked together, VDS Controller 12 is communicatively connected to the network connecting together the multiple smaller computer systems and/or components in order to provide each of them access to the virtual disk drives. VDS Controller 12 can be configured either to provide each of the smaller computer systems and/or components with the same communication access to the virtual disk drives or, alternatively, can be configured to provide each of the smaller computer systems and/or components with different communication access to the virtual disk drives.
The present invention enables a PC or other computer system which is periodically used by different users to provide each user with their own virtual disk drive which can be accessed only when that user is operating the computer system. This arrangement allows each user to operate the computer system using exclusively their own personal virtual disk drive. Thus, any corruption or destruction of data which occurs while that user is operating the computer system can occur only to data or programs stored in the portion of physical Disk Drive 6 corresponding to that user's virtual disk drive. No corruption or destruction can occur to data or programs stored in any other portions of physical Disk Drive 6. This arrangement of the present invention permits, for example, different family members sharing a home PC to each operate the PC using their own files, operating system and application programs, without any risk of destroying or corrupting the files, data or programs belonging to other family members.
The present invention also permits a single computer system to run multiple different operating systems depending on which virtual disk drive is active at a particular time. Similarly, a single computer user can also maintain multiple virtual disk drives if, for example, that user wishes to run different operating systems at different times of operation.
A single computer user can also maintain multiple virtual disk drives for use with different application programs and computer functions. For example, a user can use a particular virtual disk drive when connected to the Internet. Thus, in the event that the computer system is compromised by viruses or corrupted data downloaded from the Internet, the only data and programs at risk of being corrupted are those which are stored on the portion of physical Disk Drive 6 corresponding to the virtual disk drive which is active at the time.
Although use of the present invention in the manner described above requires that multiple copies of certain programs (such as operating systems and application programs, for example) be maintained, the resulting higher memory demands in exchange for the increased system security provided is not problematic in view of the relative large size and low cost of modern disk drive subsystems. As disk drive subsystems continue to become increasingly large and less expensive, the benefits provided by the present invention will continue to become even more attractive.
Implementation of the present invention will now be discussed in additional detail. As is well known in the art, modern disk drives such as Disk Drive 6 depicted in FIGS. 2 and 3 are typically mapped into multiple blocks. Access to the disk drive is accomplished by specifying the block number or numbers being accessed. Such accessing schemes are well known in the prior art, and are disclosed for example in U.S. Pat. No. 5,519,844, the entirety of which is incorporated herein by reference.
Referring to FIGS. 2 and 3 and as will be discussed below in additional detail in connection with FIG. 6, VDS Controller 12 generates the virtual disk drive configuration by first determining from Disk Drive(s) 6 the number of storage blocks contained therein. VDS Controller 12 then determines from user input the number of virtual disk drives to be configured, the number of blocks in each such virtual disk drive, and the virtual disk drive which is to be active. VDS Controller 12 then generates a map of the virtual disk drive blocks to the physical disk drive blocks located on physical Disk Drive 6. Any data and required program instructions for implementing the virtual disk drive configuration are stored in a section of memory unable to be accessed or altered by CPU 2 or the computer system once the computer system has completed its initialization (i.e., boot) sequence and begins normal operation. In a preferred embodiment, this memory can be nonvolatile memory, such as nonvolatile RAM (“NVRAM”) for example.
Table 1 below and FIG. 4 represent an example of a virtual disk drive configuration mapping scheme for a physical Disk Drive 6 containing 1000 blocks of storage space mapped into 3 virtual disk drives. The 3 virtual disk drives, Virtual Disk Drive A 16, Virtual Disk Drive B 18 and Virtual Disk Drive C 20, contain 300, 500 and 200 blocks of storage space, respectively.
TABLE 1
Virtual Block VDS
Numbers Controller Size of Corresponding
Presented to Mapping Virtual Physical
CPU and Com- Offset Disk Drive Block
puter System (in blocks) (in blocks) Numbers
Virtual Disk 0-299  0 300  0-299
Drive A
Virtual Disk 0-499 300 500 300-799
Drive B
Virtual Disk 0-199 800 200 800-999
Drive C
As depicted above in Table 1, if Virtual Disk Drive A 16 is active, VDS Controller 12 presents only that virtual disk drive to CPU 2 and the computer system. Accordingly, when Virtual Disk Drive A 16 is active, VDS Controller 12 presents to CPU 2 and the computer system only virtual block numbers 0-299, which correspond to physical block numbers 0-299 of physical Disk Drive 6. In this case, as can be seen in Table 1, VDS Controller 12 uses an offset of 0 blocks to map the virtual disk drive blocks to the physical disk drive blocks.
Similarly, if Virtual Disk Drive B 18 is active, VDS Controller 12 presents only that virtual disk drive to CPU 2 and the computer system. In this case, as can be seen from Table 1, VDS Controller 12 presents to CPU 2 and the computer system only virtual block numbers 0-499, which correspond to physical block numbers 300-799 of physical Disk Drive 6. When Virtual Disk Drive B 18 is active, VDS Controller 12 uses an offset of 300 blocks to map the virtal disk drive blocks to the physical disk drive blocks.
If Virtual Disk Drive C 20 is active, VDS Controller 12 presents only that virtual disk drive to CPU 2 and the computer system. In this case, VDS Controller 12 presents to CPU 2 and the computer system only virtual block numbers 0-199, which correspond to physical block numbers 800-999 of physical Disk Drive 6. In this case, as can be seen in Table 1, VDS Controller 12 uses an offset of 800 blocks to map the virtual disk drive blocks to the physical disk drive blocks.
Table 2 and FIG. 5 depict a preferred embodiment of the virtual disk drive configuration similar to that depicted in Table 1 and FIG. 4. In the embodiment depicted in Table 2 and FIG. 5, the data and any required program instructions for implementing the virtual disk drive configuration are stored on Disk Drive 6, rather than in some other area of memory.
TABLE 2
Virtual Block
Numbers VDS Size of Corres-
Presented to Controller Virtual ponding
CPU and Mapping Disk Physical
Computer Offset Drive Block
System (in blocks) (in blocks) Numbers
Virtual Disk 0-299  0 300  0-299
Drive A
Virtual Disk 0-499 300 500 300-799
Drive B
Virtual Disk 0-198 800 199 800-998
Drive C
Virtual Disk Drive None 999  1 999
Configuration
Storage Block
The virtual disk drive configuration depicted in Table 2 and FIG. 5 is the same as that depicted in Table 1 and FIG. 4, except that 1 block of physical disk space (physical block number 999), namely Virtual Disk Drive Configuration Storage Block 22, is used to store the data and any required program instructions for implementing the virtual disk drive configuration provided by VDS Controller 12. In addition, in order to accommodate this, Virtual Disk Drive C 20 is 1 block smaller and therefore comprises virtual block numbers 1-198, which correspond to physical block numbers 800-998 of physical Disk Drive 6. As can be seen in Table 2, VDS Controller 12 uses an offset of 999 blocks to map the Virtual Disk Drive Configuration Storage Block 22 to the physical disk drive block number 999.
The Virtual Disk Drive Configuration Storage Block 22 is not accessible by CPU 2 or the computer system once the computer system has completed its initialization (i.e., boot) sequence. Thus as shown in Table 2, during normal computer operation the Virtual Disk Drive Configuration Storage Block 22 is not accessible by, and therefore is not presented by VDS Controller 12 to, the CPU 2 or the computer system. Of course, although the Virtual Disk Drive Configuration Storage Block 22 comprises only one block of storage space in the example depicted in Table 2 and FIG. 5, this Configuration Block can be of any size.
During normal computer operation, the above-described mapping operations of the present invention and VDS Controller 12 are transparent to CPU 2 and the computer system. That is to say, VDS Controller 12 communicates with the computer system in the same way as does Disk Drive Controller 8 in prior art computer systems, such as that depicted in FIG. 1.
In other embodiments of the present invention, certain virtual disk drives may be designated to be shared by more than one user. In addition, and if appropriate, virtual disk drive configurations such as those depicted in Tables 1-2 and FIGS. 4-5 can activate more than one virtual disk drive at the same time. Such an arrangement might be desirable if for example the user or users share certain virtual disk drives, and/or wish to access data or application programs stored in more than one virtual disk drive to which they are entitled access.
FIG. 6 depicts an exemplary process flow for the initialization and configuration of the present invention, beginning with Block 24. As shown in Block 24, the process depicted in FIG. 6 is performed by VDS Controller 12 when the computer system is either powered up or reset as part of the computer system's initialization (i.e., boot) sequence. At the beginning of the process depicted in FIG. 6, it should also be noted that VDS Controller 12 can optionally perform a self-test routine.
As shown in Block 26, VDS Controller 12 then determines whether there is an existing virtual disk drive configuration, such at those depicted in Tables 1-2. As shown in Block 28, if there is an existing configuration and no changes to the configuration are required by the user, then the VDS Controller 12 proceeds to determine which virtual disk drive should be made active, beginning with Block 30. Otherwise, the VDS Controller 12 queries the user to determine whether a new virtual disk drive configuration is to be provided, beginning with Block 32.
If there is an existing configuration and no changes are required, VDS Controller 12 displays for the user a representation of the configuration, as well as a means for selecting the desired virtual disk drive(s) which are to be active, as shown in Block 30. The user or users could for example make this selection in the form of a User I.D. input by way of a computer keyboard or mouse. Alternatively, this selection could be made by way of a user-configured hardwired switch. As shown in Block 34, VDS Controller 12 then determines which virtual disk drive(s) have been selected to be active by the user or users.
As shown in Blocks 36-38, VDS Controller 12 typically will require a login password in order to activate the virtual disk drive(s) which have been selected by the user. This type of security precaution ensures that users cannot gain access to virtual disk drives which they are not authorized to use. If the user cannot provide the required login password, VDS Controller 12 once again attempts to determine from the user which virtual disk drive should be made active, as shown in Block 30. If on the other hand the user provides the required login password, VDS Controller 12 then proceeds to activate the virtual disk drive(s) selected by the user, in accordance with the existing virtual disk drive configuration provided by VDS Controller 12, as shown in Block 40.
As shown in Blocks 26 and 28, if there is no existing virtual disk drive configuration, or the user wishes to change the existing configuration, then VDS Controller 12 proceeds with a configuration routine, beginning with Block 32, to determine and then generate a new virtual disk drive configuration, such as those depicted in Tables 1-2 and FIGS. 4-5. As shown in Blocks 32, 42 and 44, VDS Controller 12 typically will require a login password before a user is permitted to generate a new virtual disk drive configuration. This security precaution ensures that users cannot gain access to virtual disk drives which they are not authorized to use, and that unauthorized users cannot generate a new virtual disk drive configuration.
If the user provides the required login password, VDS Controller 12 first determines the type and size of the physical Disk Drive(s) 6 installed in the computer system, as shown in Block 46. This can be accomplished for example by testing for any connected physical Disk Drive(s) 6, and by then querying the disk information files to determine the size and type of each Disk Drive 6. This can be accomplished for example by using Disk Drive Interface Bus 10 or, in a PC-based embodiment of the present invention, a SCSI bus interface to Disk Drive 6, for example.
As shown in Block 48, VDS Controller 12 then provides the user with a configuration menu which prompts the user to specify the quantity of virtual disk drives desired, and the size of each such virtual disk drive. The user could for example input this information using a computer keyboard or mouse. Alternatively, this information could be provided by user-configured hardwired switches.
The configuration menu of course will not accept from the user any configurations in which the combined size of all of the virtual disk drives exceeds the size of the physical Disk Drive(s) 6 present in the computer system. As shown in Blocks 48, 50 and 52, VDS Controller 12 continues to display the configuration menu until the user has provided sufficient input for VDS Controller 12 to determine the quantity and size of the virtual disk drives specified by the user.
Once this has been accomplished, as shown in Block 54, VDS Controller 12 generates a virtual disk drive configuration and mapping scheme such as those depicted in Tables 1-2, for example. As also shown in Block 54, VDS Controller 12 also stores this configuration and mapping scheme in the computer system's memory. Once this has been accomplished, and as discussed above, VDS Controller 12 then determines whether any changes are required to the existing configuration, as shown in Blocks 26 and 28. If not, VDS Controller 12 then determines which virtual disk drive should be made active, beginning with Block 30, and as described above.
Once the virtual disk drive(s) selected by the user have been activated in accordance with an established virtual disk drive configuration as shown in Block 40 of FIG. 6, the computer system begins its normal operation via the operating system resident on the virtual disk drive which has been activated. During the computer system's normal operation, VDS Controller 12 emulates a conventional disk drive subsystem of the same size as the active virtual disk drive. VDS Controller 12 operates in this manner until the computer system is either reset or powered up again. During the computer system's normal operation, CPU 2 and the computer system cannot access or alter either the process depicted in FIG. 6 or the stored configuration data for implementing the existing virtual disk drive configuration. As shown in Block 24, CPU 2 and the computer system will not be able to access or alter this process and data unless the computer system is reset or powered up.
In a preferred embodiment of the present invention, the virtual disk drive initialization and configuration routine depicted in FIG. 6 is stored in memory in the computer system. When the computer system is first powered on, the initialization (i.e., boot) sequence executes the routine of FIG. 6 to generate and implement the appropriate virtual disk drive configuration and mapping scheme. The data necessary to implement this configuration and mapping scheme is likewise stored in the computer system's memory, preferably in the same area of memory as the routine of FIG. 6 is stored.
Once the routine depicted in FIG. 6 is complete and the virtual disk drive configuration has been established and implemented, the routine relinquishes control of the computer system to the operating system which resides on the virtual disk drive which has been activated. Once this occurs, the data and program instructions for implementing the virtual disk drive configuration are no longer accessible by CPU 2 or the computer system. Accordingly, these data and program instructions cannot be corrupted or destroyed, even in the case of an event such as infiltration by a computer virus.
In a preferred embodiment of the present invention, VDS Controller 12 includes a one-time-writeable register which can be written to only once after the computer system is reset or powered up, and thereafter cannot be written to again unless the computer system is again reset or powered up. During the routine depicted in FIG. 6 which is initiated upon reset or power up of the computer system, certain data necessary to implement the virtual disk drive configuration and mapping scheme are written or copied from the computer system's memory into this one-time-writeable register. After this has occurred, the data stored in this register cannot be altered or overwritten, unless the computer system is again reset or powered up, and the routine depicted in FIG. 6 is thus initiated. These stored data could represent, for example, certain of the binary bits used to address Disk Drive 6. With certain of these addressing bits determined solely in accordance with the contents of the one-time-writeable register, certain portions of Disk Drive 6 necessarily would not be accessible by CPU 2 or the computer system.
In this preferred embodiment, the one-time-writeable register for example has data inputs for receiving the above-mentioned certain data necessary to implement the virtual disk drive configuration and mapping scheme, and outputs representing for example certain of the binary bits used to address Disk Drive 6. The register also for example has an input connected to the computer system's hardware reset signal, and a write-enable input which is for example activated by the routine depicted in FIG. 6 in order to write the necessary data into the one-time-writeable register. Irrespective of the state of this write-enable input however, the register can be written to only one time following activation of the computer system's hardware reset, which occurs only in the event the computer system is reset or powered up. In a preferred embodiment, the one-time-writeable register is implemented using for example a conventional latch or flip-flop in combination with logic gates, arranged to permit the output of the latch or flip-flop to change only in the event a hardware reset has occurred.
In another preferred embodiment of the present invention, the computer system is a PC system and the routine depicted in FIG. 6 and the data for implementing the virtual disk drive configuration are stored on Disk Drive 6 in the Virtual Disk Drive Configuration Storage Block 22 depicted in Table 2 and FIG. 5. In such a preferred embodiment, the PC BIOS initialization (i.e., boot) sequence directs the instruction counter of CPU 2 to begin executing the program instructions contained in the routine of FIG. 6. This could be accomplished for example by altering the BIOS sequence so that CPU 2 begins executing instructions at the memory location where the FIG. 6 routine is stored.
Alternatively, in another preferred embodiment, the BIOS sequence need not be altered. In such a preferred embodiment, the routine of FIG. 6 is stored on Disk Drive 6 beginning at the same memory location where the BIOS sequence of a prior art PC system would normally direct the instruction counter of CPU 2 to begin executing the program instructions which constitute the operating system. Thus in this preferred embodiment of the present invention, rather than the BIOS sequence directing CPU 2 to begin executing the operating system as in prior art systems, the BIOS sequence instead directs CPU 2 to begin executing the virtual disk drive initialization and configuration routine depicted in FIG. 6. Once this routine has completed executing, it in turn directs CPU 2 to begin executing the operating system resident on the virtual disk drive which the routine has activated. The computer system then begins its normal operation.
Although the present invention has been described in connection with specific exemplary embodiments, it should be understood that various changes, substitutions and alterations can be made to the disclosed embodiments without departing from the spirit and scope of the invention as set forth in the appended claims.

Claims (51)

What is claimed is:
1. A virtual data storage system for providing a plurality of virtual data storage devices for use in a computer system having a central processing unit, wherein said computer system has an initialization operation and a normal operation, the virtual data storage system comprising:
a memory system for storing information; and
a virtual data storage controller in communication with said memory system and with said central processing unit of said computer system, said controller being capable of partitioning physical memory address space of said memory system into a plurality of virtual data storage devices, each said virtual data storage device comprising a separate portion of said physical memory address space determined in accordance with a memory mapping of said physical memory address space into said virtual data storage devices, said memory mapping having an offset corresponding to each said virtual data storage device and causing fewer than said plurality of virtual data storage devices to be presented to said computer system during said normal operation, said controller also being capable of utilizing said memory mapping and said offsets to restrict communication by said computer system during said normal operation to communication with fewer than said plurality of virtual data storage devices, in order to selectively isolate at least one said virtual data storage device and its corresponding physical memory address space from communication with said computer system, wherein at no time during said normal operation can said computer system communicate with said at least one said virtual data storage device and its corresponding physical memory address space, thereby preventing corruption of information stored in said at least one virtual data storage device.
2. The virtual data storage system of claim 1, wherein said memory system comprises a disk drive storage system, and wherein said virtual data storage devices comprise virtual disk drives.
3. The virtual data storage system of claim 2, wherein said disk drive storage system comprises a plurality of disk drive storage units.
4. The virtual data storage system of claim 1, wherein each said virtual data storage device is of a size which can be selected, and wherein said controller is configured to select a quantity of said virtual data storage devices, to select said size for each said virtual data storage device, and to select said virtual data storage devices which are selectively isolated from communication with said computer system.
5. The virtual data storage system of claim 4, wherein said controller is configured exclusively during said initialization operation.
6. The virtual data storage system of claim 5, wherein said computer system comprises a personal computer system, and wherein said initialization operation comprises a BIOS initialization boot sequence.
7. The virtual data storage system of claim 5, wherein said computer system has a plurality of users, and wherein said controller is configured by one or more said users during said initialization operation of said computer system, and wherein said virtual data storage devices selectively isolated from communication with said computer system are determined according to the user operating said computer system during said period of normal operation.
8. The virtual data storage system of claim 5, wherein said computer system is arranged to engage in said initialization operation when electrical power is applied to said computer system or when said computer system is reset.
9. The virtual data storage system of claim 5, wherein said controller is configured using a stored initialization and configuration routine and stored configuration data, wherein said computer system is arranged to access said stored initialization and configuration routine and said stored configuration data only during said initialization operation of said computer system.
10. The virtual data storage system of claim 9, wherein said initialization and configuration routine and said configuration data are stored in said memory system of said computer system.
11. The virtual data storage system of claim 9, wherein said computer system comprises a personal computer system and wherein said initialization operation of said computer system comprises a BIOS initialization boot sequence, and wherein said stored initialization and configuration routine for configuring said controller is invoked by said BIOS initialization boot sequence.
12. The virtual data storage system of claim 4, wherein said controller is configured so that only one of said plurality of virtual data storage devices can communicate with said computer system.
13. The virtual data storage system of claim 4, wherein said controller is configured so that more than one of said plurality of virtual data storage devices can communicate with said computer system.
14. The virtual data storage system of claim 1, wherein said memory system comprises random access memory.
15. The virtual data storage system of claim 1, wherein said memory system comprises nonvolatile memory.
16. A method for providing a plurality of virtual data storage devices for use in a computer system having a memory system for storing information, wherein said computer system has an initialization operation and a normal operation, comprising the steps of:
partitioning physical memory address space of said memory system into a plurality of virtual data storage devices, each said virtual data storage device comprising a separate portion of said physical memory address space determined in accordance with a memory mapping of said physical memory address space into said virtual data storage devices, said memory mapping having an offset corresponding to each said virtual data storage device and causing fewer than said plurality of virtual data storage devices to be presented to said computer system during said normal operation; and
utilizing said memory mapping and said offsets to restrict communication by said computer system during said normal operation to communication with fewer than said plurality of virtual data storage devices, in order to selectively isolate at least one said virtual data storage device and its corresponding physical memory address space from communication with said computer system, wherein at no time during said normal operation can said computer system communicate with said at least one said virtual data storage device and its corresponding physical memory address space, thereby preventing corruption of information stored in said at least one virtual data storage device.
17. The method of claim 16, wherein said memory system comprises a disk drive storage system, and wherein said virtual data storage devices comprise virtual disk drives.
18. The method of claim 16, further comprising the steps of:
selecting a quantity of said virtual data storage devices;
selecting a size for each said virtual data storage device; and
selecting said virtual data storage devices which are selectively isolated from communication with said computer system.
19. The method of claim 18, wherein said steps of selecting said quantity of said virtual data storage devices, selecting said size for each said virtual data storage device, and selecting said virtual data storage devices which are selectively isolated from communication with said computer system, are performed exclusively during said initialization operation.
20. The method of claim 19, wherein said computer system comprises a personal computer system, and wherein the step of engaging in said initialization operation comprises the step of engaging in a BIOS initialization boot sequence.
21. The method of claim 19, wherein said computer system has a plurality of users, and wherein said steps of selecting said quantity of said virtual data storage devices and selecting said size for each said virtual data storage device are performed by one or more said users, and wherein said step of selecting said virtual data storage devices which are selectively isolated from communication with said computer system is determined according to the users operating said computer system during said normal operation.
22. A virtual data storage system for providing a plurality of virtual disk drives for use in a computer system having a central processing unit and a plurality of users, the computer system being arranged to engage in an initialization boot sequence followed by a period of normal operation, the virtual data storage system comprising:
a disk drive storage system for storing information; and
a virtual data storage controller in communication with said disk drive storage system and with said central processing unit of said computer system, said controller being capable of partitioning physical memory address space of said disk drive storage system into a plurality of virtual disk drives, each said virtual disk drive comprising a separate portion of said physical memory address space determined in accordance with a memory mapping of said physical memory address space into said virtual disk drives, said memory mapping having an offset corresponding to each said virtual disk drive and causing fewer than said plurality of virtual disk drives to be presented to said computer system during said period of normal operation, wherein said controller is configured by one or more said users during said initialization boot sequence to select a quantity of said virtual disk drives, to select a size for each said virtual disk drive, and to generate said memory mapping and said offsets to restrict during the entirety of said period of normal operation communication by said computer system to communication with fewer than said plurality of virtual disk drives, in order to selectively isolate at least one said virtual disk drive and its corresponding physical memory address space from communication with said computer system during the entirety of said period of normal operation, said at least one virtual disk drive being determined according to the user operating said computer system during said period of normal operation, wherein at no time during said period of normal operation can said computer system communicate with said at least one said virtual disk drive and its corresponding physical memory address space, thereby preventing corruption of information stored in said at least one virtual disk drive.
23. The virtual data storage system of claim 22, wherein said controller is configured using a stored initialization and configuration routine and stored configuration data, wherein said computer system is arranged to access said stored initialization and configuration routine and said stored configuration data only during said initialization boot sequence of said computer system.
24. A virtual data storage system for providing a plurality of virtual data storage devices for use in at least one computer system, said at least one computer system having a plurality of central processing units, wherein said computer system has an initialization operation and a normal operation, the virtual data storage system comprising:
a memory system for storing information; and
a virtual data storage controller in communication with said memory system and with said central processing units of said computer system, said controller being capable of partitioning physical memory address space of said memory system into a plurality of virtual data storage devices, each said virtual data storage device comprising a separate portion of said physical memory address space determined in accordance with a memory mapping of said physical memory address space into said virtual data storage devices, said memory mapping having an offset corresponding to each said virtual data storage device and causing fewer than said plurality of virtual data storage devices to be presented to said computer system during said normal operation, said controller also being capable of utilizing said memory mapping and said offsets to restrict communication by said computer system during said normal operation to communication with fewer than said plurality of virtual data storage devices, in order to selectively isolate at least one said virtual data storage device and its corresponding physical memory address space from communication with said computer system, wherein at no time during said normal operation can said computer system communicate with said at least one said virtual data storage device and its corresponding physical memory address space, thereby preventing corruption of information stored in said at least one virtual data storage device.
25. The virtual data storage system of claim 24, wherein said memory system comprises a disk drive storage system, and wherein said virtual data storage devices comprise virtual disk drives.
26. The virtual data storage system of claim 25, wherein said disk drive storage system comprises a plurality of disk drive storage units.
27. The virtual data storage system of claim 24, wherein each said virtual data storage device is of a size which can be selected, and wherein said controller is configured to select a quantity of said virtual data storage devices, to select said size for each said virtual data storage device, and to select said virtual data storage devices which are selectively isolated from communication with said computer system.
28. The virtual data storage system of claim 27, wherein said controller is configured exclusively during said initialization operation.
29. The virtual data storage system of claim 28, wherein said computer system comprises a personal computer system, and wherein said initialization operation comprises a BIOS initialization boot sequence.
30. The virtual data storage system of claim 28, wherein said computer system has a plurality of users, and wherein said controller is configured by one or more said users during said initialization operation of said computer system, and wherein said virtual data storage devices selectively isolated from communication with said computer system are determined according to the user operating said computer system during said period of normal operation.
31. The virtual data storage system of claim 28, wherein said computer system is arranged to engage in said initialization operation when electrical power is applied to said computer system or when said computer system is reset.
32. The virtual data storage system of claim 28, wherein said controller is configured using a stored initialization and configuration routine and stored configuration data, wherein said computer system is arranged to access said stored initialization and configuration routine and said stored configuration data only during said initialization operation of said computer system.
33. The virtual data storage system of claim 32, wherein said initialization and configuration routine and said configuration data are stored in said memory system of said computer system.
34. The virtual data storage system of claim 32, wherein said computer system comprises a personal computer system and wherein said initialization operation of said computer system comprises a BIOS initialization boot sequence, and wherein said stored initialization and configuration routine for configuring said controller is invoked by said BIOS initialization boot sequence.
35. The virtual data storage system of claim 27, wherein said controller is configured so that only one of said plurality of virtual data storage devices can communicate with each of said at least one computer system.
36. The virtual data storage system of claim 27, wherein said controller is configured so that more than one of said plurality of virtual data storage devices can communicate with each of said at least one computer system.
37. The virtual data storage system of claim 24, wherein said memory system comprises random access memory.
38. The virtual data storage system of claim 24, wherein said memory system comprises nonvolatile memory.
39. The virtual data storage system of claim 27, wherein said controller is configured so that said virtual data storage devices which are selectively isolated from communication with said computer system are isolated from communication with all of said plurality of said central processing units.
40. The virtual data storage system of claim 27, wherein said controller is configured so that said virtual data storage devices which are selectively isolated from communication with said computer system are isolated from communication with fewer than all of said plurality of said central processing units.
41. The virtual data storage system of claim 27, wherein said at least one computer system comprises a plurality of computer systems communicatively connected together by a communications network.
42. The virtual data storage system of claim 41, wherein said controller is configured so that said virtual data storage devices which are selectively isolated from communication with said at least one computer system are isolated from communication with all of said plurality of said computer systems.
43. The virtual data storage system of claim 41, wherein said controller is configured so that said virtual data storage devices which are selectively isolated from communication with said at least one computer system are isolated from communication with fewer than all of said plurality of said computer systems.
44. The virtual data storage system of claim 27, wherein said at least one computer system comprises a plurality of computer system components communicatively connected together by a communications network.
45. The virtual data storage system of claim 44, wherein said controller is configured so that said virtual data storage devices which are selectively isolated from communication with said at least one computer system are isolated from communication with all of said plurality of said computer system components.
46. The virtual data storage system of claim 44, wherein said controller is configured so that said virtual data storage devices which are selectively isolated from communication with said at least one computer system are isolated from communication with fewer than all of said plurality of said computer system components.
47. In a computer system having a memory system for storing information, a central processing unit and programs stored in said memory, wherein said computer system has an initialization operation and a normal operation, the improvement wherein there is provided a memory controller for partitioning physical memory address space of said memory into a plurality of virtual memories, each said virtual memory comprising a separate portion of said physical memory address space determined in accordance with a memory mapping of said physical memory address space into said virtual memories, said memory mapping having an offset corresponding to each said virtual memory and causing fewer than said plurality of virtual memories to be presented to said computer system during said normal operation, said memory controller also utilizing said memory mapping and said offsets to restrict communication by said central processing unit during said normal operation to prevent communication with at least one of said virtual memories and its corresponding physical memory address space, wherein at no time during said normal operation can said central processing unit communicate with said at least one of said virtual memories and its corresponding physical memory address space.
48. The improvement specified in claim 47 wherein each of said virtual memories comprises a contiguous portion of said physical memory address space.
49. The improvement specified in claim 47 wherein said memory controller restricts communication by said central processing unit during said normal operation to permit communication with only one of said virtual memories.
50. The improvement specified in claim 47 wherein programs are stored in a plurality of said virtual memories.
51. The improvement specified in claim 47 wherein said controller restricts communication by restricting the addresses that can be presented to said memory.
US09/323,802 1998-06-22 1999-06-02 Virtual data storage (VDS) system Expired - Fee Related US6324627B1 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
US09/323,802 US6324627B1 (en) 1998-06-22 1999-06-02 Virtual data storage (VDS) system
US09/994,584 US6792519B2 (en) 1998-06-22 2001-11-26 Virtual data storage (VDS) system
US10/005,172 US20020095557A1 (en) 1998-06-22 2001-12-03 Virtual data storage (VDS) system

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US10252098A 1998-06-22 1998-06-22
US09/323,802 US6324627B1 (en) 1998-06-22 1999-06-02 Virtual data storage (VDS) system

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
US10252098A Continuation-In-Part 1998-06-22 1998-06-22

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US09/994,584 Continuation US6792519B2 (en) 1998-06-22 2001-11-26 Virtual data storage (VDS) system

Publications (1)

Publication Number Publication Date
US6324627B1 true US6324627B1 (en) 2001-11-27

Family

ID=22290293

Family Applications (2)

Application Number Title Priority Date Filing Date
US09/323,802 Expired - Fee Related US6324627B1 (en) 1998-06-22 1999-06-02 Virtual data storage (VDS) system
US09/994,584 Expired - Fee Related US6792519B2 (en) 1998-06-22 2001-11-26 Virtual data storage (VDS) system

Family Applications After (1)

Application Number Title Priority Date Filing Date
US09/994,584 Expired - Fee Related US6792519B2 (en) 1998-06-22 2001-11-26 Virtual data storage (VDS) system

Country Status (9)

Country Link
US (2) US6324627B1 (en)
EP (1) EP1090353A1 (en)
JP (1) JP2002519760A (en)
KR (1) KR20010071560A (en)
CN (1) CN1306645A (en)
AU (1) AU4321799A (en)
BR (1) BR9911409A (en)
CA (1) CA2335600A1 (en)
WO (1) WO1999067713A1 (en)

Cited By (71)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020029326A1 (en) * 2000-06-02 2002-03-07 Reuter James M. Centralized fine-grained enhancements for distributed table driven I/O mapping
US20020083334A1 (en) * 2000-07-14 2002-06-27 Rogers Antony John Detection of viral code using emulation of operating system functions
US6507905B1 (en) * 1999-09-30 2003-01-14 International Business Machines Corporation System for modifying a master partition table of a master boot record to create a personalized local data drive having dedicated allocation for a specified user
US20030023867A1 (en) * 2001-07-25 2003-01-30 Thibadeau Robert H. Methods and systems for promoting security in a computer system employing attached storage devices
US20030065875A1 (en) * 2001-09-28 2003-04-03 Van Cleve Robert E. Reserved ROM space for storage of operating system drivers
US20030065913A1 (en) * 2001-09-28 2003-04-03 Cepulis Darren J. Semi-persistent relocatable ram-based virtual floppy disk method
US20030065864A1 (en) * 2001-10-03 2003-04-03 Dell Products L.P. System and method supporting remote data processing system management
US20030110300A1 (en) * 2001-12-12 2003-06-12 Micro-Star Int'l Co., Ltd. Virtual storage interface device
US20030110351A1 (en) * 2001-12-07 2003-06-12 Dell Products L.P. System and method supporting virtual local data storage
WO2003083658A2 (en) * 2002-03-27 2003-10-09 Intel Corporation Bios shadowed hard disk drive as robust, always on, backup
US20030204700A1 (en) * 2002-04-26 2003-10-30 Biessener David W. Virtual physical drives
US20030202271A1 (en) * 2002-04-29 2003-10-30 Jack Chen Method for controlling and protecting computer facility
US6647481B1 (en) 2002-01-31 2003-11-11 Western Digital Ventures, Inc. Method for accessing data storage locations having addresses within a hidden logical address range
US6708283B1 (en) * 2000-04-13 2004-03-16 Stratus Technologies, Bermuda Ltd. System and method for operating a system with redundant peripheral bus controllers
US6728751B1 (en) * 2000-03-16 2004-04-27 International Business Machines Corporation Distributed back up of data on a network
US6735715B1 (en) 2000-04-13 2004-05-11 Stratus Technologies Bermuda Ltd. System and method for operating a SCSI bus with redundant SCSI adaptors
US6757778B1 (en) 2002-05-07 2004-06-29 Veritas Operating Corporation Storage management system
US6792519B2 (en) * 1998-06-22 2004-09-14 Virtual Data Security, Llc Virtual data storage (VDS) system
US20040186971A1 (en) * 2000-12-29 2004-09-23 Dennis Meharchand Apparatus and method for protecting data recorded on a storage medium
US20050091522A1 (en) * 2001-06-29 2005-04-28 Hearn Michael A. Security system and method for computers
US20050160281A1 (en) * 2001-07-25 2005-07-21 Seagate Technology Llc System and method for delivering versatile security, digital rights management, and privacy services
US20050268338A1 (en) * 2000-07-14 2005-12-01 Internet Security Systems, Inc. Computer immune system and method for detecting unwanted code in a computer system
US20060021041A1 (en) * 2004-07-20 2006-01-26 International Business Machines Corporation Storage conversion for anti-virus speed-up
US20060021032A1 (en) * 2004-07-20 2006-01-26 International Business Machines Corporation Secure storage tracking for anti-virus speed-up
US20060112300A1 (en) * 2004-11-05 2006-05-25 Broadcom Corporation Method and computer program product for backing up and restoring online system information
US20060129785A1 (en) * 2004-12-15 2006-06-15 International Business Machines (Ibm) Corporation Storage of data blocks of logical volumes in a virtual disk storage subsystem
US7093086B1 (en) 2002-03-28 2006-08-15 Veritas Operating Corporation Disaster recovery and backup using virtual machines
US20060185016A1 (en) * 2005-02-17 2006-08-17 Sitze Richard A System, computer program product and method of selecting sectors of a hard disk on which to perform a virus scan
US7203944B1 (en) 2003-07-09 2007-04-10 Veritas Operating Corporation Migrating virtual machines among computer systems to balance load caused by virtual machines
US7213246B1 (en) 2002-03-28 2007-05-01 Veritas Operating Corporation Failing over a virtual machine
US7246200B1 (en) 2003-11-12 2007-07-17 Veritas Operating Corporation Provisioning and snapshotting using copy on read/write and transient virtual machine technology
US20070180210A1 (en) * 2006-01-31 2007-08-02 Seagate Technology Llc Storage device for providing flexible protected access for security applications
US20070198803A1 (en) * 2006-02-07 2007-08-23 Seagate Technology Llc Storage system with alterable background behaviors
CN100334566C (en) * 2002-09-06 2007-08-29 联想(北京)有限公司 Method for accessing any sector of hard disk from file system
CN100340981C (en) * 2004-01-20 2007-10-03 顺昱科技股份有限公司 Apparatus and method for managing and transporting virtual disks over a network to networked stations
US20070250710A1 (en) * 2006-04-25 2007-10-25 Seagate Technology Llc Versatile secure and non-secure messaging
US20070250734A1 (en) * 2006-04-25 2007-10-25 Seagate Technology Llc Hybrid computer security clock
US20080005798A1 (en) * 2006-06-30 2008-01-03 Ross Alan D Hardware platform authentication and multi-purpose validation
US20080016569A1 (en) * 2000-10-10 2008-01-17 Internet Security Systems, Inc. Method and System for Creating a Record for One or More Computer Security Incidents
US7356677B1 (en) * 2001-10-19 2008-04-08 Flash Vos, Inc. Computer system capable of fast switching between multiple operating systems and applications
US20080147962A1 (en) * 2006-12-15 2008-06-19 Diggs Mark S Storage subsystem with multiple non-volatile memory arrays to protect against data losses
US20080162866A1 (en) * 2006-12-28 2008-07-03 Siddiqi Faraz A Apparatus and method for fast and secure memory context switching
US7447807B1 (en) 2006-06-30 2008-11-04 Siliconsystems, Inc. Systems and methods for storing data in segments of a storage subsystem
US20080320127A1 (en) * 2007-06-25 2008-12-25 Microsoft Corporation Secure publishing of data to dmz using virtual hard drives
US7509441B1 (en) 2006-06-30 2009-03-24 Siliconsystems, Inc. Systems and methods for segmenting and protecting a storage subsystem
US20090106517A1 (en) * 2007-10-23 2009-04-23 Asustek Computer Inc. Data protection method
US7546354B1 (en) * 2001-07-06 2009-06-09 Emc Corporation Dynamic network based storage with high availability
CN100498738C (en) * 2004-10-10 2009-06-10 深圳市广道高新技术有限公司 Virtual structure type network computer support platform system and constructing method
US20090254636A1 (en) * 2008-04-04 2009-10-08 International Business Machines Corporation Virtual array site configuration
US20090254468A1 (en) * 2008-04-04 2009-10-08 International Business Machines Corporation On-demand virtual storage capacity
US20090254716A1 (en) * 2008-04-04 2009-10-08 International Business Machines Corporation Coordinated remote and local machine configuration
US7603670B1 (en) 2002-03-28 2009-10-13 Symantec Operating Corporation Virtual machine transfer between computer systems
US20090313447A1 (en) * 2008-06-13 2009-12-17 Nguyen Sinh D Remote, Granular Restore from Full Virtual Machine Backup
US7653699B1 (en) * 2003-06-12 2010-01-26 Symantec Operating Corporation System and method for partitioning a file system for enhanced availability and scalability
US7657938B2 (en) 2003-10-28 2010-02-02 International Business Machines Corporation Method and system for protecting computer networks by altering unwanted network data traffic
US7657419B2 (en) 2001-06-19 2010-02-02 International Business Machines Corporation Analytical virtual machine
US7673137B2 (en) 2002-01-04 2010-03-02 International Business Machines Corporation System and method for the managed security control of processes on a computer system
US7712138B2 (en) 2001-01-31 2010-05-04 International Business Machines Corporation Method and system for configuring and scheduling security audits of a computer network
US20100174849A1 (en) * 2009-01-07 2010-07-08 Siliconsystems, Inc. Systems and methods for improving the performance of non-volatile memory operations
US7770225B2 (en) 1999-07-29 2010-08-03 International Business Machines Corporation Method and apparatus for auditing network security
US20100250793A1 (en) * 2009-03-24 2010-09-30 Western Digital Technologies, Inc. Adjusting access of non-volatile semiconductor memory based on access time
US7810092B1 (en) 2004-03-02 2010-10-05 Symantec Operating Corporation Central administration and maintenance of workstations using virtual machines, network filesystems, and replication
US7913303B1 (en) 2003-01-21 2011-03-22 International Business Machines Corporation Method and system for dynamically protecting a computer system from attack
US7921459B2 (en) 2000-04-28 2011-04-05 International Business Machines Corporation System and method for managing security events on a network
US7934254B2 (en) 1998-12-09 2011-04-26 International Business Machines Corporation Method and apparatus for providing network and computer system security
US20110179369A1 (en) * 2010-01-15 2011-07-21 Kingston Technology Corporation Managing and indentifying multiple memory storage devices
US8006243B2 (en) 1999-12-07 2011-08-23 International Business Machines Corporation Method and apparatus for remote installation of network drivers and software
US8429724B2 (en) 2006-04-25 2013-04-23 Seagate Technology Llc Versatile access control system
US8825940B1 (en) 2008-12-02 2014-09-02 Siliconsystems, Inc. Architecture for optimizing execution of storage access commands
US10019159B2 (en) 2012-03-14 2018-07-10 Open Invention Network Llc Systems, methods and devices for management of virtual memory systems
US10303782B1 (en) 2014-12-29 2019-05-28 Veritas Technologies Llc Method to allow multi-read access for exclusive access of virtual disks by using a virtualized copy of the disk

Families Citing this family (22)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2359153A (en) 2000-02-10 2001-08-15 Int Computers Ltd Device discovery in a shared data storage system
US20020103889A1 (en) * 2000-02-11 2002-08-01 Thomas Markson Virtual storage layer approach for dynamically associating computer storage with processing hosts
WO2002054251A2 (en) * 2000-12-29 2002-07-11 Valt. X Apparatus and method for protecting data recorded on a storage medium
US7617330B2 (en) * 2001-04-26 2009-11-10 The Boeing Company System and method for preloading a bus controller with command schedule
US7500069B2 (en) * 2001-09-17 2009-03-03 Hewlett-Packard Development Company, L.P. System and method for providing secure access to network logical storage partitions
US20030214957A1 (en) * 2002-05-15 2003-11-20 Wahoske Matthew John Broadband set-top box front-end storage system
JP2004110367A (en) * 2002-09-18 2004-04-08 Hitachi Ltd Storage system control method, storage control device, and storage system
JP2004178337A (en) * 2002-11-28 2004-06-24 Hitachi Ltd Storage device system, storage device, computer and program
US6968432B2 (en) * 2003-05-16 2005-11-22 International Business Machines Corporation Method and system for altering a sequence number assignment pattern while preserving integrity and high concurrency in a multi-system shared disk environment
US20070233727A1 (en) * 2003-08-05 2007-10-04 Gideon Guy Multiple Virtual Devices
US8402269B2 (en) * 2004-02-24 2013-03-19 Softcamp Co., Ltd. System and method for controlling exit of saved data from security zone
CN101963929B (en) * 2004-12-31 2016-07-06 钟巨航 The method preserving/resume work scene
JP4766656B2 (en) * 2005-04-12 2011-09-07 キヤノン株式会社 Data recording device
US8607070B2 (en) * 2006-12-20 2013-12-10 Kingston Technology Corporation Secure storage system and method of use
US8527781B2 (en) * 2007-05-09 2013-09-03 Kingston Technology Corporation Secure and scalable solid state disk system
US8499168B2 (en) * 2007-05-09 2013-07-30 Kingston Technology Corporation Secure and scalable solid state disk system
KR100911345B1 (en) 2007-06-20 2009-08-07 (주)테르텐 Method and apparatus for contents security
US20130091101A1 (en) * 2011-10-05 2013-04-11 Netapp, Inc. Systems and methods for network assisted file system check
JP2013131158A (en) 2011-12-22 2013-07-04 Fujitsu Ltd Automatic virtualization program, automatic virtualization method, and information processing apparatus
US9515951B2 (en) * 2013-11-15 2016-12-06 Microsoft Technology Licensing, Llc Computing system architecture that facilitates forming of customized virtual disks
US10452306B1 (en) * 2013-12-31 2019-10-22 EMC IP Holding Company LLC Method and apparatus for asymmetric raid
CN113111061B (en) * 2021-03-25 2022-09-13 浙江省科技信息研究院 Data processing system based on multidimensional analysis

Citations (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5129088A (en) 1987-11-30 1992-07-07 International Business Machines Corporation Data processing method to create virtual disks from non-contiguous groups of logically contiguous addressable blocks of direct access storage device
US5519844A (en) 1990-11-09 1996-05-21 Emc Corporation Logical partitioning of a redundant array storage system
US5586301A (en) 1994-11-09 1996-12-17 Ybm Technologies, Inc. Personal computer hard disk protection system
US5657473A (en) * 1990-02-21 1997-08-12 Arendee Limited Method and apparatus for controlling access to and corruption of information in computer systems
US5657470A (en) 1994-11-09 1997-08-12 Ybm Technologies, Inc. Personal computer hard disk protection system
US5675769A (en) 1995-02-23 1997-10-07 Powerquest Corporation Method for manipulating disk partitions
US5706472A (en) 1995-02-23 1998-01-06 Powerquest Corporation Method for manipulating disk partitions
US5721877A (en) 1995-05-31 1998-02-24 Ast Research, Inc. Method and apparatus for limiting access to nonvolatile memory device
US5758050A (en) 1996-03-12 1998-05-26 International Business Machines Corporation Reconfigurable data storage system
US5829053A (en) 1996-05-10 1998-10-27 Apple Computer, Inc. Block storage memory management system and method utilizing independent partition managers and device drivers
US5928327A (en) * 1996-08-08 1999-07-27 Wang; Pong-Sheng System and process for delivering digital data on demand
US6052781A (en) * 1997-02-21 2000-04-18 Savvy Frontiers Property Trust Multiple user computer including anti-concurrent user-class based disjunctive separation of plural hard drive operation
US6067618A (en) * 1998-03-26 2000-05-23 Innova Patent Trust Multiple operating system and disparate user mass storage resource separation for a computer system

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5930831A (en) * 1995-02-23 1999-07-27 Powerquest Corporation Partition manipulation architecture supporting multiple file systems
US6016536A (en) * 1997-11-13 2000-01-18 Ye-Te Wu Method for backing up the system files in a hard disk drive
CA2335600A1 (en) * 1998-06-22 1999-12-29 Charles T. Gambetta Virtual data storage (vds) system
US6272611B1 (en) 1999-02-09 2001-08-07 Yu-Te Wu Computer data storage medium having a virtual disk drive and memory management method therefor

Patent Citations (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5129088A (en) 1987-11-30 1992-07-07 International Business Machines Corporation Data processing method to create virtual disks from non-contiguous groups of logically contiguous addressable blocks of direct access storage device
US5657473A (en) * 1990-02-21 1997-08-12 Arendee Limited Method and apparatus for controlling access to and corruption of information in computer systems
US5519844A (en) 1990-11-09 1996-05-21 Emc Corporation Logical partitioning of a redundant array storage system
US5586301A (en) 1994-11-09 1996-12-17 Ybm Technologies, Inc. Personal computer hard disk protection system
US5657470A (en) 1994-11-09 1997-08-12 Ybm Technologies, Inc. Personal computer hard disk protection system
US5706472A (en) 1995-02-23 1998-01-06 Powerquest Corporation Method for manipulating disk partitions
US5675769A (en) 1995-02-23 1997-10-07 Powerquest Corporation Method for manipulating disk partitions
US5721877A (en) 1995-05-31 1998-02-24 Ast Research, Inc. Method and apparatus for limiting access to nonvolatile memory device
US5758050A (en) 1996-03-12 1998-05-26 International Business Machines Corporation Reconfigurable data storage system
US5829053A (en) 1996-05-10 1998-10-27 Apple Computer, Inc. Block storage memory management system and method utilizing independent partition managers and device drivers
US5928327A (en) * 1996-08-08 1999-07-27 Wang; Pong-Sheng System and process for delivering digital data on demand
US6052781A (en) * 1997-02-21 2000-04-18 Savvy Frontiers Property Trust Multiple user computer including anti-concurrent user-class based disjunctive separation of plural hard drive operation
US6067618A (en) * 1998-03-26 2000-05-23 Innova Patent Trust Multiple operating system and disparate user mass storage resource separation for a computer system

Cited By (120)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6792519B2 (en) * 1998-06-22 2004-09-14 Virtual Data Security, Llc Virtual data storage (VDS) system
US7934254B2 (en) 1998-12-09 2011-04-26 International Business Machines Corporation Method and apparatus for providing network and computer system security
US7770225B2 (en) 1999-07-29 2010-08-03 International Business Machines Corporation Method and apparatus for auditing network security
US6507905B1 (en) * 1999-09-30 2003-01-14 International Business Machines Corporation System for modifying a master partition table of a master boot record to create a personalized local data drive having dedicated allocation for a specified user
US8006243B2 (en) 1999-12-07 2011-08-23 International Business Machines Corporation Method and apparatus for remote installation of network drivers and software
US6728751B1 (en) * 2000-03-16 2004-04-27 International Business Machines Corporation Distributed back up of data on a network
US6708283B1 (en) * 2000-04-13 2004-03-16 Stratus Technologies, Bermuda Ltd. System and method for operating a system with redundant peripheral bus controllers
US6735715B1 (en) 2000-04-13 2004-05-11 Stratus Technologies Bermuda Ltd. System and method for operating a SCSI bus with redundant SCSI adaptors
US7921459B2 (en) 2000-04-28 2011-04-05 International Business Machines Corporation System and method for managing security events on a network
US7269631B2 (en) * 2000-06-02 2007-09-11 Hewlett-Packard Development Company, L.P. Architecture for parallel distributed table driven I/O mapping
US20020029326A1 (en) * 2000-06-02 2002-03-07 Reuter James M. Centralized fine-grained enhancements for distributed table driven I/O mapping
US7720928B2 (en) * 2000-06-02 2010-05-18 Hewlett-Packard Development Company, L.P. Centralized fine-grained enhancements for distributed table driven I/O mapping
US20020083334A1 (en) * 2000-07-14 2002-06-27 Rogers Antony John Detection of viral code using emulation of operating system functions
US20050268338A1 (en) * 2000-07-14 2005-12-01 Internet Security Systems, Inc. Computer immune system and method for detecting unwanted code in a computer system
US8341743B2 (en) * 2000-07-14 2012-12-25 Ca, Inc. Detection of viral code using emulation of operating system functions
US7093239B1 (en) 2000-07-14 2006-08-15 Internet Security Systems, Inc. Computer immune system and method for detecting unwanted code in a computer system
US7854004B2 (en) 2000-07-14 2010-12-14 International Business Machines Corporation Computer immune system and method for detecting unwanted code in a computer system
US20080016569A1 (en) * 2000-10-10 2008-01-17 Internet Security Systems, Inc. Method and System for Creating a Record for One or More Computer Security Incidents
US9027121B2 (en) 2000-10-10 2015-05-05 International Business Machines Corporation Method and system for creating a record for one or more computer security incidents
US20040186971A1 (en) * 2000-12-29 2004-09-23 Dennis Meharchand Apparatus and method for protecting data recorded on a storage medium
US7370165B2 (en) * 2000-12-29 2008-05-06 Valt.X Technologies Inc. Apparatus and method for protecting data recording on a storage medium
US7712138B2 (en) 2001-01-31 2010-05-04 International Business Machines Corporation Method and system for configuring and scheduling security audits of a computer network
US7657419B2 (en) 2001-06-19 2010-02-02 International Business Machines Corporation Analytical virtual machine
US8474021B2 (en) 2001-06-29 2013-06-25 Secure Systems Limited Security system and method for computers
US20050091522A1 (en) * 2001-06-29 2005-04-28 Hearn Michael A. Security system and method for computers
US7546354B1 (en) * 2001-07-06 2009-06-09 Emc Corporation Dynamic network based storage with high availability
US7925894B2 (en) 2001-07-25 2011-04-12 Seagate Technology Llc System and method for delivering versatile security, digital rights management, and privacy services
US7461270B2 (en) 2001-07-25 2008-12-02 Seagate Technology Llc Methods and systems for promoting security in a computer system employing attached storage devices
US20050160281A1 (en) * 2001-07-25 2005-07-21 Seagate Technology Llc System and method for delivering versatile security, digital rights management, and privacy services
US7426747B2 (en) 2001-07-25 2008-09-16 Antique Books, Inc. Methods and systems for promoting security in a computer system employing attached storage devices
US20050066191A1 (en) * 2001-07-25 2005-03-24 Seagate Technology Llc System and method for delivering versatile security, digital rights management, and privacy services from storage controllers
US20030023867A1 (en) * 2001-07-25 2003-01-30 Thibadeau Robert H. Methods and systems for promoting security in a computer system employing attached storage devices
US7036020B2 (en) 2001-07-25 2006-04-25 Antique Books, Inc Methods and systems for promoting security in a computer system employing attached storage devices
US7822961B2 (en) * 2001-09-28 2010-10-26 Hewlett-Packard Development Company, L.P. Semi-persistent relocatable ram-based virtual floppy disk method
US20030065913A1 (en) * 2001-09-28 2003-04-03 Cepulis Darren J. Semi-persistent relocatable ram-based virtual floppy disk method
US20080082810A1 (en) * 2001-09-28 2008-04-03 Hewlett-Packard Development Company, L.P. Semi-persistent relocatable ram-based virtual floppy disk method
US7318149B2 (en) * 2001-09-28 2008-01-08 Hewlett-Packard Development Company, L.P. Semi-persistent relocatable ram-based virtual floppy disk method
US7299345B2 (en) 2001-09-28 2007-11-20 Hewlett-Packard Development Company, L.P. Reserved ROM space for storage of operating system drivers
US20030065875A1 (en) * 2001-09-28 2003-04-03 Van Cleve Robert E. Reserved ROM space for storage of operating system drivers
US20030065864A1 (en) * 2001-10-03 2003-04-03 Dell Products L.P. System and method supporting remote data processing system management
US7356677B1 (en) * 2001-10-19 2008-04-08 Flash Vos, Inc. Computer system capable of fast switching between multiple operating systems and applications
US6874060B2 (en) * 2001-12-07 2005-03-29 Dell Products L.P. Distributed computer system including a virtual disk subsystem and method for providing a virtual local drive
US20030110351A1 (en) * 2001-12-07 2003-06-12 Dell Products L.P. System and method supporting virtual local data storage
US20030110300A1 (en) * 2001-12-12 2003-06-12 Micro-Star Int'l Co., Ltd. Virtual storage interface device
US7673137B2 (en) 2002-01-04 2010-03-02 International Business Machines Corporation System and method for the managed security control of processes on a computer system
US6647481B1 (en) 2002-01-31 2003-11-11 Western Digital Ventures, Inc. Method for accessing data storage locations having addresses within a hidden logical address range
WO2003083658A2 (en) * 2002-03-27 2003-10-09 Intel Corporation Bios shadowed hard disk drive as robust, always on, backup
WO2003083658A3 (en) * 2002-03-27 2004-08-19 Intel Corp Bios shadowed hard disk drive as robust, always on, backup
US7603670B1 (en) 2002-03-28 2009-10-13 Symantec Operating Corporation Virtual machine transfer between computer systems
US7533229B1 (en) 2002-03-28 2009-05-12 Symantec Operating Corporation Disaster recovery and backup using virtual machines
US7093086B1 (en) 2002-03-28 2006-08-15 Veritas Operating Corporation Disaster recovery and backup using virtual machines
US7213246B1 (en) 2002-03-28 2007-05-01 Veritas Operating Corporation Failing over a virtual machine
US20030204700A1 (en) * 2002-04-26 2003-10-30 Biessener David W. Virtual physical drives
US7185169B2 (en) 2002-04-26 2007-02-27 Voom Technologies, Inc. Virtual physical drives
US20030202271A1 (en) * 2002-04-29 2003-10-30 Jack Chen Method for controlling and protecting computer facility
US6757778B1 (en) 2002-05-07 2004-06-29 Veritas Operating Corporation Storage management system
US7266637B1 (en) 2002-05-07 2007-09-04 Veritas Operating Corporation Storage management system
CN100334566C (en) * 2002-09-06 2007-08-29 联想(北京)有限公司 Method for accessing any sector of hard disk from file system
US7913303B1 (en) 2003-01-21 2011-03-22 International Business Machines Corporation Method and system for dynamically protecting a computer system from attack
US7653699B1 (en) * 2003-06-12 2010-01-26 Symantec Operating Corporation System and method for partitioning a file system for enhanced availability and scalability
US7203944B1 (en) 2003-07-09 2007-04-10 Veritas Operating Corporation Migrating virtual machines among computer systems to balance load caused by virtual machines
US7716667B2 (en) 2003-07-09 2010-05-11 Symantec Operating Corporation Migrating virtual machines among computer systems to balance load caused by virtual machines
US20070130566A1 (en) * 2003-07-09 2007-06-07 Van Rietschote Hans F Migrating Virtual Machines among Computer Systems to Balance Load Caused by Virtual Machines
US7657938B2 (en) 2003-10-28 2010-02-02 International Business Machines Corporation Method and system for protecting computer networks by altering unwanted network data traffic
US7246200B1 (en) 2003-11-12 2007-07-17 Veritas Operating Corporation Provisioning and snapshotting using copy on read/write and transient virtual machine technology
CN100340981C (en) * 2004-01-20 2007-10-03 顺昱科技股份有限公司 Apparatus and method for managing and transporting virtual disks over a network to networked stations
US7810092B1 (en) 2004-03-02 2010-10-05 Symantec Operating Corporation Central administration and maintenance of workstations using virtual machines, network filesystems, and replication
US20060021041A1 (en) * 2004-07-20 2006-01-26 International Business Machines Corporation Storage conversion for anti-virus speed-up
US20060021032A1 (en) * 2004-07-20 2006-01-26 International Business Machines Corporation Secure storage tracking for anti-virus speed-up
US7581252B2 (en) 2004-07-20 2009-08-25 Lenovo (Singapore) Pte. Ltd. Storage conversion for anti-virus speed-up
US7581253B2 (en) 2004-07-20 2009-08-25 Lenovo (Singapore) Pte. Ltd. Secure storage tracking for anti-virus speed-up
CN100498738C (en) * 2004-10-10 2009-06-10 深圳市广道高新技术有限公司 Virtual structure type network computer support platform system and constructing method
US8037347B2 (en) 2004-11-05 2011-10-11 Broadcom Corporation Method and system for backing up and restoring online system information
US20090172278A1 (en) * 2004-11-05 2009-07-02 Broadcom Corporation Method and System for Backing Up and Restoring Online System Information
US20060112300A1 (en) * 2004-11-05 2006-05-25 Broadcom Corporation Method and computer program product for backing up and restoring online system information
US7516355B2 (en) 2004-11-05 2009-04-07 Broadcom Corporation Method and computer program product for backing up and restoring online system information
US20060129785A1 (en) * 2004-12-15 2006-06-15 International Business Machines (Ibm) Corporation Storage of data blocks of logical volumes in a virtual disk storage subsystem
US7685400B2 (en) 2004-12-15 2010-03-23 International Business Machines Corporation Storage of data blocks of logical volumes in a virtual disk storage subsystem
US20060185016A1 (en) * 2005-02-17 2006-08-17 Sitze Richard A System, computer program product and method of selecting sectors of a hard disk on which to perform a virus scan
US7581250B2 (en) 2005-02-17 2009-08-25 Lenovo (Singapore) Pte Ltd System, computer program product and method of selecting sectors of a hard disk on which to perform a virus scan
US20070180210A1 (en) * 2006-01-31 2007-08-02 Seagate Technology Llc Storage device for providing flexible protected access for security applications
US8200869B2 (en) 2006-02-07 2012-06-12 Seagate Technology Llc Storage system with alterable background behaviors
US20070198803A1 (en) * 2006-02-07 2007-08-23 Seagate Technology Llc Storage system with alterable background behaviors
US8281178B2 (en) 2006-04-25 2012-10-02 Seagate Technology Llc Hybrid computer security clock
US8429724B2 (en) 2006-04-25 2013-04-23 Seagate Technology Llc Versatile access control system
US20070250710A1 (en) * 2006-04-25 2007-10-25 Seagate Technology Llc Versatile secure and non-secure messaging
US7539890B2 (en) 2006-04-25 2009-05-26 Seagate Technology Llc Hybrid computer security clock
US20070250734A1 (en) * 2006-04-25 2007-10-25 Seagate Technology Llc Hybrid computer security clock
US20090235109A1 (en) * 2006-04-25 2009-09-17 Seagate Technology Llc Hybrid computer security clock
US8028166B2 (en) 2006-04-25 2011-09-27 Seagate Technology Llc Versatile secure and non-secure messaging
US8365294B2 (en) * 2006-06-30 2013-01-29 Intel Corporation Hardware platform authentication and multi-platform validation
US7912991B1 (en) 2006-06-30 2011-03-22 Siliconsystems, Inc. Systems and methods for segmenting and protecting a storage subsystem
US7509441B1 (en) 2006-06-30 2009-03-24 Siliconsystems, Inc. Systems and methods for segmenting and protecting a storage subsystem
US20080005798A1 (en) * 2006-06-30 2008-01-03 Ross Alan D Hardware platform authentication and multi-purpose validation
US7447807B1 (en) 2006-06-30 2008-11-04 Siliconsystems, Inc. Systems and methods for storing data in segments of a storage subsystem
US8549236B2 (en) 2006-12-15 2013-10-01 Siliconsystems, Inc. Storage subsystem with multiple non-volatile memory arrays to protect against data losses
US20080147962A1 (en) * 2006-12-15 2008-06-19 Diggs Mark S Storage subsystem with multiple non-volatile memory arrays to protect against data losses
US20080162866A1 (en) * 2006-12-28 2008-07-03 Siddiqi Faraz A Apparatus and method for fast and secure memory context switching
US8601124B2 (en) 2007-06-25 2013-12-03 Microsoft Corporation Secure publishing of data to DMZ using virtual hard drives
US20080320127A1 (en) * 2007-06-25 2008-12-25 Microsoft Corporation Secure publishing of data to dmz using virtual hard drives
US8041913B2 (en) * 2007-10-23 2011-10-18 Asustek Computer Inc. Data protection method
US20090106517A1 (en) * 2007-10-23 2009-04-23 Asustek Computer Inc. Data protection method
US8271612B2 (en) 2008-04-04 2012-09-18 International Business Machines Corporation On-demand virtual storage capacity
US8055723B2 (en) * 2008-04-04 2011-11-08 International Business Machines Corporation Virtual array site configuration
US20090254636A1 (en) * 2008-04-04 2009-10-08 International Business Machines Corporation Virtual array site configuration
US9946493B2 (en) 2008-04-04 2018-04-17 International Business Machines Corporation Coordinated remote and local machine configuration
US20090254468A1 (en) * 2008-04-04 2009-10-08 International Business Machines Corporation On-demand virtual storage capacity
US20090254716A1 (en) * 2008-04-04 2009-10-08 International Business Machines Corporation Coordinated remote and local machine configuration
US8903956B2 (en) 2008-04-04 2014-12-02 International Business Machines Corporation On-demand virtual storage capacity
US8577845B2 (en) 2008-06-13 2013-11-05 Symantec Operating Corporation Remote, granular restore from full virtual machine backup
US20090313447A1 (en) * 2008-06-13 2009-12-17 Nguyen Sinh D Remote, Granular Restore from Full Virtual Machine Backup
US8825940B1 (en) 2008-12-02 2014-09-02 Siliconsystems, Inc. Architecture for optimizing execution of storage access commands
US9176859B2 (en) 2009-01-07 2015-11-03 Siliconsystems, Inc. Systems and methods for improving the performance of non-volatile memory operations
US20100174849A1 (en) * 2009-01-07 2010-07-08 Siliconsystems, Inc. Systems and methods for improving the performance of non-volatile memory operations
US20100250793A1 (en) * 2009-03-24 2010-09-30 Western Digital Technologies, Inc. Adjusting access of non-volatile semiconductor memory based on access time
US10079048B2 (en) 2009-03-24 2018-09-18 Western Digital Technologies, Inc. Adjusting access of non-volatile semiconductor memory based on access time
US8667191B2 (en) * 2010-01-15 2014-03-04 Kingston Technology Corporation Managing and indentifying multiple memory storage devices
US20110179369A1 (en) * 2010-01-15 2011-07-21 Kingston Technology Corporation Managing and indentifying multiple memory storage devices
US10019159B2 (en) 2012-03-14 2018-07-10 Open Invention Network Llc Systems, methods and devices for management of virtual memory systems
US10303782B1 (en) 2014-12-29 2019-05-28 Veritas Technologies Llc Method to allow multi-read access for exclusive access of virtual disks by using a virtualized copy of the disk

Also Published As

Publication number Publication date
CA2335600A1 (en) 1999-12-29
CN1306645A (en) 2001-08-01
WO1999067713A1 (en) 1999-12-29
KR20010071560A (en) 2001-07-28
US6792519B2 (en) 2004-09-14
JP2002519760A (en) 2002-07-02
BR9911409A (en) 2001-09-04
AU4321799A (en) 2000-01-10
EP1090353A1 (en) 2001-04-11
US20020108023A1 (en) 2002-08-08

Similar Documents

Publication Publication Date Title
US6324627B1 (en) Virtual data storage (VDS) system
US20020095557A1 (en) Virtual data storage (VDS) system
US5781793A (en) Appratus for preventing changes of computer configuration data by unauthorized users
US6052781A (en) Multiple user computer including anti-concurrent user-class based disjunctive separation of plural hard drive operation
US6385721B1 (en) Computer with bootable hibernation partition
JP2755828B2 (en) Secure application card for sharing application data and procedures between multiple microprocessors
US5325430A (en) Encryption apparatus for computer device
US7975117B2 (en) Enforcing isolation among plural operating systems
US5265163A (en) Computer system security device
US6243809B1 (en) Method of flash programming or reading a ROM of a computer system independently of its operating system
US5187792A (en) Method and apparatus for selectively reclaiming a portion of RAM in a personal computer system
US20040088513A1 (en) Controller for partition-level security and backup
JPH0242528A (en) Ic memory card
JP2005515517A (en) External locking mechanism for personal computer memory position
US7069445B2 (en) System and method for migration of a version of a bootable program
JPH0736171B2 (en) Method and apparatus for protecting access to storage and method for providing isolation to storage blocks
US20040268079A1 (en) Method and system for providing a secure rapid restore backup of a raid system
US6567864B1 (en) System and method for identification of computer input/output devices by intercepting identification commands directed to the input/output devices
US6240519B1 (en) Computer method and apparatus to prompt for administrative password to flash a corrupted non-volatile memory
KR100995146B1 (en) System and method for handling device accesses to a memory providing increased memory access security
US20060085629A1 (en) Mapping a reset vector
US20080140946A1 (en) Apparatus, system, and method for protecting hard disk data in multiple operating system environments
US6405311B1 (en) Method for storing board revision
US6779099B2 (en) Operation method for controlling access attributes of a memorized page of a memory unit and its structure
US5752066A (en) Data processing system utilizing progammable microprogram memory controller

Legal Events

Date Code Title Description
AS Assignment

Owner name: VIRTUAL DATA SECURITY, LLC, NEW YORK

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:CONSTABLE, COLIN;KRICHEFF, DAVID NATHAN;GAMBETTA, CHARLES THOMAS;REEL/FRAME:011847/0075;SIGNING DATES FROM 20010519 TO 20010525

FPAY Fee payment

Year of fee payment: 4

FEPP Fee payment procedure

Free format text: PETITION RELATED TO MAINTENANCE FEES FILED (ORIGINAL EVENT CODE: PMFP); ENTITY STATUS OF PATENT OWNER: SMALL ENTITY

REMI Maintenance fee reminder mailed
REIN Reinstatement after maintenance fee payment confirmed
FEPP Fee payment procedure

Free format text: PETITION RELATED TO MAINTENANCE FEES DISMISSED (ORIGINAL EVENT CODE: PMFS); ENTITY STATUS OF PATENT OWNER: SMALL ENTITY

FEPP Fee payment procedure

Free format text: PETITION RELATED TO MAINTENANCE FEES FILED (ORIGINAL EVENT CODE: PMFP); ENTITY STATUS OF PATENT OWNER: SMALL ENTITY

FEPP Fee payment procedure

Free format text: PETITION RELATED TO MAINTENANCE FEES GRANTED (ORIGINAL EVENT CODE: PMFG); ENTITY STATUS OF PATENT OWNER: SMALL ENTITY

FPAY Fee payment

Year of fee payment: 8

SULP Surcharge for late payment
FP Lapsed due to failure to pay maintenance fee

Effective date: 20091127

PRDP Patent reinstated due to the acceptance of a late maintenance fee

Effective date: 20100930

REMI Maintenance fee reminder mailed
LAPS Lapse for failure to pay maintenance fees
STCH Information on status: patent discontinuation

Free format text: PATENT EXPIRED DUE TO NONPAYMENT OF MAINTENANCE FEES UNDER 37 CFR 1.362

FP Lapsed due to failure to pay maintenance fee

Effective date: 20131127

AS Assignment

Owner name: JAMBETTA MUSIC INC, NEW YORK

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:VIRTUAL DATA SECURITY LLC;REEL/FRAME:033034/0803

Effective date: 20140506